All the vulnerabilites related to Siemens - SINAMICS SL150
var-202105-0690
Vulnerability from variot

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution. Several Siemens products are vulnerable to access to memory areas after buffer termination.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Siemens SmartVNC is an industrial control equipment of Siemens (Siemens), Germany.

Siemens SmartVNC has an out-of-bounds memory access vulnerability. Remote attackers can use the vulnerability to submit special requests, which can crash the application or execute arbitrary code in the context of the application. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202105-0690",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels 15\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort outdoor panels 15\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort panels 4\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "sinamics gm150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort panels 22\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort panels 4\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "sinamics sm150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort panels 22\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels 15\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "sinamics sm150i",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort panels 4\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels 15\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics gh150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort panels 4\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics gl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort panels 22\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics sm120",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort panels 22\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics sh150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics sh150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics sl150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics sm120",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics sm150i",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\"",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics gh150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics sm150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics gl150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics gm150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "smartvnc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37750"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006949"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27384"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported these vulnerabilities to CISA.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-548"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2021-27384",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2021-27384",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2021-37750",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-27384",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2021-27384",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-27384",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2021-27384",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2021-37750",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-975",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202105-548",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-27384",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37750"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27384"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006949"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-548"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27384"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution. Several Siemens products are vulnerable to access to memory areas after buffer termination.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Siemens SmartVNC is an industrial control equipment of Siemens (Siemens), Germany. \n\r\n\r\nSiemens SmartVNC has an out-of-bounds memory access vulnerability. Remote attackers can use the vulnerability to submit special requests, which can crash the application or execute arbitrary code in the context of the application. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-27384"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006949"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-37750"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27384"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-27384",
        "trust": 3.9
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-131-11",
        "trust": 2.5
      },
      {
        "db": "SIEMENS",
        "id": "SSA-286838",
        "trust": 1.7
      },
      {
        "db": "SIEMENS",
        "id": "SSA-538778",
        "trust": 1.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-131-12",
        "trust": 1.2
      },
      {
        "db": "JVN",
        "id": "JVNVU91051134",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006949",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-37750",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041363",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021051206",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-131-04",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-548",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27384",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37750"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27384"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006949"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-548"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27384"
      }
    ]
  },
  "id": "VAR-202105-0690",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37750"
      }
    ],
    "trust": 1.205898611111111
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37750"
      }
    ]
  },
  "last_update_date": "2024-08-14T13:12:43.619000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-286838 Siemens\u00a0Security\u00a0Advisory",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
      },
      {
        "title": "Patch for Siemens SmartVNC memory out-of-bounds access vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/268666"
      },
      {
        "title": "Siemens SmartVNC Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=155975"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=43c9c77785b8d29daef02185f41ca476"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=9465a8ef1f8c1b0042244cb02cfe271e"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37750"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27384"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006949"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-548"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-788",
        "trust": 1.0
      },
      {
        "problemtype": "Access to memory area after buffer termination (CWE-788) [ Other ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006949"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27384"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
      },
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
      },
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
      },
      {
        "trust": 1.2,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu91051134/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-27384"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-131-11"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021051206"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-04"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/smartvnc-multiple-vulnerabilities-35360"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/788.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-286838.txt"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37750"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27384"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006949"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-548"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27384"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37750"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27384"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006949"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-548"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27384"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-05-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-37750"
      },
      {
        "date": "2021-05-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-27384"
      },
      {
        "date": "2022-01-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-006949"
      },
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-05-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202105-548"
      },
      {
        "date": "2021-05-12T14:15:11.677000",
        "db": "NVD",
        "id": "CVE-2021-27384"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-05-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-37750"
      },
      {
        "date": "2021-05-21T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-27384"
      },
      {
        "date": "2022-01-26T07:30:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-006949"
      },
      {
        "date": "2021-04-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-10-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202105-548"
      },
      {
        "date": "2021-12-16T18:26:10.080000",
        "db": "NVD",
        "id": "CVE-2021-27384"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-548"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vulnerabilities in access to memory areas after buffer termination in multiple Siemens products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006949"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-548"
      }
    ],
    "trust": 1.2
  }
}

var-202105-0691
Vulnerability from variot

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition. Several Siemens products contain resource exhaustion vulnerabilities.Denial of service (DoS) It may be put into a state. Siemens SmartVNC is an industrial control equipment of Siemens (Siemens), Germany.

SmartVNC has a resource management error vulnerability. Attackers can use this vulnerability to cause program denial of service. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202105-0691",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels 15\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort outdoor panels 15\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort panels 4\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "sinamics gm150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort panels 22\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort panels 4\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "sinamics sm150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort panels 22\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels 15\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "sinamics sm150i",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort panels 4\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels 15\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics gh150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort panels 4\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics gl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort panels 22\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics sm120",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort panels 22\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics sh150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics sh150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics sl150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics sm120",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics sm150i",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\"",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics gh150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics sm150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics gl150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics gm150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "smartvnc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37749"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006950"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27385"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported these vulnerabilities to CISA.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-575"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2021-27385",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2021-27385",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2021-37749",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-27385",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2021-27385",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-27385",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2021-27385",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2021-37749",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202105-575",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-975",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-27385",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37749"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27385"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006950"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-575"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27385"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition. Several Siemens products contain resource exhaustion vulnerabilities.Denial of service (DoS) It may be put into a state. Siemens SmartVNC is an industrial control equipment of Siemens (Siemens), Germany. \n\r\n\r\nSmartVNC has a resource management error vulnerability. Attackers can use this vulnerability to cause program denial of service. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-27385"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006950"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-37749"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27385"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-27385",
        "trust": 3.9
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-131-12",
        "trust": 3.1
      },
      {
        "db": "SIEMENS",
        "id": "SSA-286838",
        "trust": 1.7
      },
      {
        "db": "SIEMENS",
        "id": "SSA-538778",
        "trust": 1.7
      },
      {
        "db": "JVN",
        "id": "JVNVU91051134",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006950",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-37749",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-131-04",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021051206",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-575",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041363",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27385",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37749"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27385"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006950"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-575"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27385"
      }
    ]
  },
  "id": "VAR-202105-0691",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37749"
      }
    ],
    "trust": 1.205898611111111
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37749"
      }
    ]
  },
  "last_update_date": "2024-08-14T13:11:37.021000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-286838 Siemens\u00a0Security\u00a0Advisory",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
      },
      {
        "title": "Patch for Siemens SmartVNC Resource Management Error Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/268656"
      },
      {
        "title": "Siemens SmartVNC Remediation of resource management error vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=151561"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=43c9c77785b8d29daef02185f41ca476"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=9465a8ef1f8c1b0042244cb02cfe271e"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37749"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27385"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006950"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-575"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-400",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-835",
        "trust": 1.0
      },
      {
        "problemtype": "Resource exhaustion (CWE-400) [ Other ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006950"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27385"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.9,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu91051134/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-27385"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-131-12"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021051206"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-04"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/smartvnc-multiple-vulnerabilities-35360"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/400.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-286838.txt"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37749"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27385"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006950"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-575"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27385"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37749"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27385"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006950"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-575"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27385"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-05-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-37749"
      },
      {
        "date": "2021-05-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-27385"
      },
      {
        "date": "2022-01-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-006950"
      },
      {
        "date": "2021-05-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202105-575"
      },
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-05-12T14:15:11.727000",
        "db": "NVD",
        "id": "CVE-2021-27385"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-05-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-37749"
      },
      {
        "date": "2021-05-21T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-27385"
      },
      {
        "date": "2022-01-26T07:30:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-006950"
      },
      {
        "date": "2022-10-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202105-575"
      },
      {
        "date": "2021-04-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2022-10-25T19:56:01.580000",
        "db": "NVD",
        "id": "CVE-2021-27385"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-575"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SmartVNC Resource Management Error Vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37749"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-575"
      }
    ],
    "trust": 1.2
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-575"
      }
    ],
    "trust": 0.6
  }
}

var-202102-0161
Vulnerability from variot

A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions < V16 Update 3a), SIMATIC HMI KTP Mobile Panels (All versions < V16 Update 3a), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). Affected devices with enabled telnet service do not require authentication for this service. This could allow a remote attacker to gain full access to the device. (ZDI-CAN-12046). This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Comfort Panel. Authentication is not required to exploit this vulnerability.The specific flaw exists within the telnet service, which listens on TCP port 22 by default. The issue results from the lack of authentication prior to allowing remote connections. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Siemens Simatic Hmi is a device of Germany's Siemens (Siemens) that provides human-computer interaction functions for industrial automation equipment

Show details on source website


{
  "affected_products": {
    "_id": null,
    "data": [
      {
        "_id": null,
        "model": "simatic hmi ktp mobile panels",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16.0"
      },
      {
        "_id": null,
        "model": "sinamics gl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "_id": null,
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16.0"
      },
      {
        "_id": null,
        "model": "simatic hmi ktp mobile panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16.0"
      },
      {
        "_id": null,
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "_id": null,
        "model": "sinamics sm150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "_id": null,
        "model": "sinamics sh150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "_id": null,
        "model": "sinamics sm150i",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "_id": null,
        "model": "sinamics sm120",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "_id": null,
        "model": "sinamics gh150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "_id": null,
        "model": "sinamics gm150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "_id": null,
        "model": "simatic hmi comfort panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16.0"
      },
      {
        "_id": null,
        "model": "simatic hmi comfort panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "_id": null,
        "model": "simatic hmi ktp mobile panels",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": "v16 update 3a  earlier versions"
      },
      {
        "_id": null,
        "model": "comfort panel",
        "scope": null,
        "trust": 0.7,
        "vendor": "siemens",
        "version": null
      },
      {
        "_id": null,
        "model": "simatic hmi",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-21-129"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-07537"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001015"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-15798"
      }
    ]
  },
  "credits": {
    "_id": null,
    "data": "Ta-Lun Yen of TXOne IoT/ICS Security Research Labs (Trend Micro)",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-21-129"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2020-15798",
  "cvss": {
    "_id": null,
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2020-15798",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.1,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2021-07537",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2020-15798",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "High",
            "attackVector": "Network",
            "author": "IPA",
            "availabilityImpact": "High",
            "baseScore": 8.1,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2021-001015",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "ZDI",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2020-15798",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 0.7,
            "userInteraction": "NONE",
            "vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2020-15798",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2021-001015",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "ZDI",
            "id": "CVE-2020-15798",
            "trust": 0.7,
            "value": "CRITICAL"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2021-07537",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202101-2499",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULMON",
            "id": "CVE-2020-15798",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-21-129"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-07537"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-15798"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001015"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202101-2499"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-15798"
      }
    ]
  },
  "description": {
    "_id": null,
    "data": "A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions \u003c V16 Update 3a), SIMATIC HMI KTP Mobile Panels (All versions \u003c V16 Update 3a), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). Affected devices with enabled telnet service do not require authentication for this service. This could allow a remote attacker to gain full access to the device. (ZDI-CAN-12046). This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Comfort Panel. Authentication is not required to exploit this vulnerability.The specific flaw exists within the telnet service, which listens on TCP port 22 by default. The issue results from the lack of authentication prior to allowing remote connections. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Siemens Simatic Hmi is a device of Germany\u0027s Siemens (Siemens) that provides human-computer interaction functions for industrial automation equipment",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-15798"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001015"
      },
      {
        "db": "ZDI",
        "id": "ZDI-21-129"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-07537"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-15798"
      }
    ],
    "trust": 2.88
  },
  "external_ids": {
    "_id": null,
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-15798",
        "trust": 3.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-033-02",
        "trust": 2.5
      },
      {
        "db": "SIEMENS",
        "id": "SSA-520004",
        "trust": 1.7
      },
      {
        "db": "SIEMENS",
        "id": "SSA-752103",
        "trust": 1.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-21-129",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU92618342",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU91051134",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001015",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-12046",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-07537",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-131-13",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.0384",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202101-2499",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-15798",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-21-129"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-07537"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-15798"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001015"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202101-2499"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-15798"
      }
    ]
  },
  "id": "VAR-202102-0161",
  "iot": {
    "_id": null,
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-07537"
      }
    ],
    "trust": 1.17291723125
  },
  "iot_taxonomy": {
    "_id": null,
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-07537"
      }
    ]
  },
  "last_update_date": "2024-11-23T19:29:19.148000Z",
  "patch": {
    "_id": null,
    "data": [
      {
        "title": "SSA-520004",
        "trust": 0.8,
        "url": "https://support.industry.siemens.com/cs/document/109746530/image-downloads-for-hmi-operator-panels?dti=0\u0026lc=en-WW"
      },
      {
        "title": "Siemens has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-033-02"
      },
      {
        "title": "Patch for Siemens Simatic Hmi authorization issue vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/246031"
      },
      {
        "title": "Siemens Simatic Hmi Remediation measures for authorization problem vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=140096"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=727a7bb82c467c1176e726c944e1c560"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=a4e80f78fa87968e8881f762b328bbfa"
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/Live-Hack-CVE/CVE-2020-15798 "
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-21-129"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-07537"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-15798"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001015"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202101-2499"
      }
    ]
  },
  "problemtype_data": {
    "_id": null,
    "data": [
      {
        "problemtype": "CWE-306",
        "trust": 1.0
      },
      {
        "problemtype": "Lack of authentication for important features (CWE-306) [IPA Evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001015"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-15798"
      }
    ]
  },
  "references": {
    "_id": null,
    "data": [
      {
        "trust": 3.8,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-033-02"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-520004.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-752103.pdf"
      },
      {
        "trust": 1.2,
        "url": "https://vigilance.fr/vulnerability/simatic-hmi-code-execution-via-unauthenticated-telnet-34430"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu92618342"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu91051134/index.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.0384/"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-13"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/306.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/live-hack-cve/cve-2020-15798"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.zerodayinitiative.com/advisories/zdi-21-129/"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-21-129"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-07537"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-15798"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001015"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202101-2499"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-15798"
      }
    ]
  },
  "sources": {
    "_id": null,
    "data": [
      {
        "db": "ZDI",
        "id": "ZDI-21-129",
        "ident": null
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-07537",
        "ident": null
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-15798",
        "ident": null
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001015",
        "ident": null
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202101-2499",
        "ident": null
      },
      {
        "db": "NVD",
        "id": "CVE-2020-15798",
        "ident": null
      }
    ]
  },
  "sources_release_date": {
    "_id": null,
    "data": [
      {
        "date": "2021-02-04T00:00:00",
        "db": "ZDI",
        "id": "ZDI-21-129",
        "ident": null
      },
      {
        "date": "2021-01-31T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-07537",
        "ident": null
      },
      {
        "date": "2021-02-09T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-15798",
        "ident": null
      },
      {
        "date": "2021-02-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-001015",
        "ident": null
      },
      {
        "date": "2021-01-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202101-2499",
        "ident": null
      },
      {
        "date": "2021-02-09T17:15:13.437000",
        "db": "NVD",
        "id": "CVE-2020-15798",
        "ident": null
      }
    ]
  },
  "sources_update_date": {
    "_id": null,
    "data": [
      {
        "date": "2021-02-04T00:00:00",
        "db": "ZDI",
        "id": "ZDI-21-129",
        "ident": null
      },
      {
        "date": "2021-02-03T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-07537",
        "ident": null
      },
      {
        "date": "2022-10-19T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-15798",
        "ident": null
      },
      {
        "date": "2021-05-19T07:05:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-001015",
        "ident": null
      },
      {
        "date": "2021-08-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202101-2499",
        "ident": null
      },
      {
        "date": "2024-11-21T05:06:12.120000",
        "db": "NVD",
        "id": "CVE-2020-15798",
        "ident": null
      }
    ]
  },
  "threat_type": {
    "_id": null,
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202101-2499"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "_id": null,
    "data": "Siemens\u00a0 Made \u00a0HMI\u00a0 Lack of authentication vulnerability for product critical features",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-001015"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "_id": null,
    "data": "access control error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202101-2499"
      }
    ],
    "trust": 0.6
  }
}

var-202106-1489
Vulnerability from variot

The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does not require authentication, which may allow a remote attacker to gain access to the device if the service is enabled. Telnet is disabled by default on the SINAMICS Medium Voltage Products (SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions). Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202106-1489",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "sinamics sm150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics sm150i",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-31337"
      }
    ]
  },
  "cve": "CVE-2021-31337",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2021-31337",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-31337",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-31337",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-975",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202105-628",
            "trust": 0.6,
            "value": "CRITICAL"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-628"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31337"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does not require authentication, which may allow a remote attacker to gain access to the device if the service is enabled. Telnet is disabled by default on the SINAMICS Medium Voltage Products (SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions). Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-31337"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ],
    "trust": 1.44
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "ICS CERT",
        "id": "ICSA-21-131-04",
        "trust": 1.6
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31337",
        "trust": 1.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041363",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.1604",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021051307",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-628",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-628"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31337"
      }
    ]
  },
  "id": "VAR-202106-1489",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.4945055
  },
  "last_update_date": "2024-08-14T12:25:33.574000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Siemens SINAMICS SL150 Fixes for access control error vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=155889"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-628"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-306",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-31337"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-04"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-31337"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021051307"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.1604"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-628"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31337"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-628"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31337"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-05-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202105-628"
      },
      {
        "date": "2021-06-28T13:15:20.840000",
        "db": "NVD",
        "id": "CVE-2021-31337"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-04-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-07-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202105-628"
      },
      {
        "date": "2021-07-02T14:05:42.270000",
        "db": "NVD",
        "id": "CVE-2021-31337"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-628"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Pillow Buffer error vulnerability",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ],
    "trust": 0.6
  }
}

var-202106-0971
Vulnerability from variot

SINAMICS medium voltage routable products are affected by a vulnerability in the Sm@rtServer component for remote access that could allow an unauthenticated attacker to cause a denial-of-service condition, and/or execution of limited configuration modifications and/or execution of limited control commands on the SINAMICS Medium Voltage Products, Remote Access (SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions). SINAMICS SL150 , SINAMICS SM150 , SINAMICS SM150i Is vulnerable to input validation.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202106-0971",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "sinamics sm150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics sm150i",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics sl150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics sm150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics sm150i",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-008258"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27388"
      }
    ]
  },
  "cve": "CVE-2021-27388",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2021-27388",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-27388",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2021-27388",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-27388",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2021-27388",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202106-1272",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-27388",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-27388"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-008258"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-1272"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27388"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SINAMICS medium voltage routable products are affected by a vulnerability in the Sm@rtServer component for remote access that could allow an unauthenticated attacker to cause a denial-of-service condition, and/or execution of limited configuration modifications and/or execution of limited control commands on the SINAMICS Medium Voltage Products, Remote Access (SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions). SINAMICS SL150 , SINAMICS SM150 , SINAMICS SM150i Is vulnerable to input validation.Information is obtained, information is tampered with, and service is disrupted  (DoS) It may be put into a state",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-27388"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-008258"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27388"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-27388",
        "trust": 3.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-131-04",
        "trust": 2.5
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-008258",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-1272",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27388",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-27388"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-008258"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-1272"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27388"
      }
    ]
  },
  "id": "VAR-202106-0971",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.4945055
  },
  "last_update_date": "2024-08-14T12:44:07.013000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top\u00a0Page",
        "trust": 0.8,
        "url": "https://www.siemens.com/global/en.html"
      },
      {
        "title": "Siemens SINAMICS SL150 Enter the fix for the verification error vulnerability",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=155064"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-008258"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-1272"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.0
      },
      {
        "problemtype": "Incorrect input confirmation (CWE-20) [ Other ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-008258"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27388"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-04"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-27388"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-131-04"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/20.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2021-27388"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-008258"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-1272"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27388"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2021-27388"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-008258"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-1272"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27388"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-06-15T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-27388"
      },
      {
        "date": "2022-03-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-008258"
      },
      {
        "date": "2021-06-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202106-1272"
      },
      {
        "date": "2021-06-15T20:15:11.770000",
        "db": "NVD",
        "id": "CVE-2021-27388"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-06-23T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-27388"
      },
      {
        "date": "2022-03-10T03:20:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-008258"
      },
      {
        "date": "2021-06-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202106-1272"
      },
      {
        "date": "2021-06-23T20:57:28.830000",
        "db": "NVD",
        "id": "CVE-2021-27388"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-1272"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural \u00a0SINAMICS\u00a0 Input validation vulnerabilities in medium voltage routerable products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-008258"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202106-1272"
      }
    ],
    "trust": 0.6
  }
}

var-201712-0703
Vulnerability from variot

Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually. plural Siemens The product contains data processing vulnerabilities.Service operation interruption (DoS) There is a possibility of being put into a state. SiemensSIMATICS7-200Smart and others are products of Siemens AG. The Siemens SIMATICS7-200Smart is a programmable logic controller (PLC) for use in small and medium-sized automation systems. SIMATICWinACRTX2010incl is a software controller for automation solutions. A denial of service vulnerability exists in several Siemens products. Attackers can exploit this issue to crash the affected device, denying service to legitimate users. A vulnerability has been identified in SIMATIC S7-200 Smart (All versions < V2.03.01), SIMATIC S7-400 PN V6 (All versions < V6.0.6), SIMATIC S7-400 H V6 (All versions < V6.0.8), SIMATIC S7-400 PN/DP V7 (All versions < V7.0.2), SIMATIC S7-410 V8 (All versions < V8.2.1), SIMATIC S7-300 (All versions < V3.X.16), SIMATIC S7-1200 (All versions < V4.2.3), SIMATIC S7-1500 (All versions < V2.0), SIMATIC S7-1500 Software Controller (All versions < V2.0), SIMATIC WinAC RTX 2010 incl. F (All versions), SIMATIC ET 200AL (All versions), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP IM155-5 PN BA (All versions < V4.0.2), SIMATIC ET 200MP IM155-5 PN ST (All versions < V4.1), SIMATIC ET 200MP IM155-5 PN HF (All versions < V4.2), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP IM155-6 PN HF (All versions < V4.2.0), SIMATIC ET 200SP IM155-6 PN HA (All versions < V1.1.0), SIMATIC ET 200SP IM155-6 PN BA (All versions), SIMATIC ET 200SP IM155-6 PN ST (All versions), SIMATIC ET 200SP IM155-6 PN HS (All versions), Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions < V4.1.1 Patch 05), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions < V4.5), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions < V4.5), SIMOTION D (All versions < V5.1 HF1), SIMOTION C (All versions < V5.1 HF1), SIMOTION P V4.4 and V4.5 (All versions < V4.5 HF5), SIMOTION P V5 (All versions < V5.1 HF1), SINAMICS DCM w. PN (All versions < V1.4 SP1 HF6), SINAMICS DCP w. PN (All versions < V1.2 HF2), SINAMICS G110M w. PN (All versions < V4.7 SP9 HF1), SINAMICS G120 (C/P/D) w. PN (All versions < V4.7 SP9 HF1), SINAMICS G130 V4.7 w. PN (All versions < V4.7 HF29), SINAMICS G130 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS G150 V4.7 w. PN (All versions < V4.7 HF29), SINAMICS G150 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS S110 w. PN (All versions < V4.4 SP3 HF6), SINAMICS S120 prior to V4.7 w. PN (All versions < V4.7), SINAMICS S120 V4.7 w. PN (All versions < V4.7 HF29), SINAMICS S120 V4.7 SP1 w. PN (All versions), SINAMICS S120 V4.8 w. PN (All versions < V4.8 HF5), SINAMICS S150 V4.7 w. PN (All versions < V4.7 HF29), SINAMICS S150 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS V90 w. PN (All versions < V1.02), SINUMERIK 840D sl (All versions), SIMATIC Compact Field Unit (All versions), SIMATIC PN/PN Coupler (All versions < V4.2.0), SIMOCODE pro V PROFINET (All versions < V2.1.1), SIRIUS Soft Starter 3RW44 PN (All versions), SIMOCODE pro V EIP (All versions < V1.0.2). Siemens SIMATIC S7-1500 CPU, etc. SIMATIC S7-1500 CPU is a CPU (central processing unit) module. SIMATIC S7-1500 is a programmable logic controller. SINUMERIK 840D sl is a set of advanced machine tool numerical control system. The following products and versions are affected: Siemens SIMATIC S7-200 Smart prior to V2.03.01; SIMATIC S7-400 PN/DP V7 CPU family (SIPLUS variants); SIMATIC S7-410 V8 CPU family (SIPLUS variants); SIMATIC S7- 300 CPU family (related to ET200 CPUs and SIPLUS variants); SIMATIC S7-1200 CPU family (related to SIPLUS variants); SIMATIC S7-1500 CPU family (related to ET200 CPUs and SIPLUS variants); SIMATIC S7-1500 Software Controller prior to V2.0 wait

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201712-0703",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "sinamics s120",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinumerik 840d sl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic compact field unit",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic pn\\/pn coupler",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics v90pn",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s150 v4.8",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simocode pro v profinet",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s150 v4.7",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s110pn",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sirius soft starter 3rw44pn",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-300",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1200",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 software controller",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200al",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200ecopn",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200m",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200mp",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200pro",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200s",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics dcm",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics dcp",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200sp",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "dk standard ethernet controller",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s120",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinumerik 840d sl",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic compact field unit",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic pn/pn coupler",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sirius soft starter 3rw44 pn",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g150",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g130",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1200",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "dk standard ethernet controller",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g110m\\/g120pn",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic s7-1500",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.0"
      },
      {
        "model": "simatic s7-300",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200sp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 controller",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.0"
      },
      {
        "model": "simatic s7-400pn v6",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "6.0.6"
      },
      {
        "model": "simatic winac rtx f 2010",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ek-ertec 200pn io",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simotion c",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "simatic et 200mp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200ecopn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200al",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics dcm",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-410 v8",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simotion p",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "simatic s7-400h v6",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "6.0.8"
      },
      {
        "model": "simatic s7-400pn\\/dp v7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-200",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.03.01"
      },
      {
        "model": "ek-ertec 200p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "simatic et 200pro",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simotion d",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "sinamics dcp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ek-ertec 200 pn io",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ek-ertec 200p p",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-200 smart",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-400 pn v6",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-400 pn/dp v7",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-400h v6",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-410 v8",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic winac rtx 2010 incl. f",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simocode pro v profinet",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simotion c",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simotion d",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simotion p",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g110m",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g130",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g150",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s110 w. pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s150 v4.7 w. pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s150 v4.8 w. pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics v90 w. pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-200 smart",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v2.03.01"
      },
      {
        "model": "simatic s7-400 pn",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v6\u003cv6.0.6"
      },
      {
        "model": "simatic s7-400 h",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v6"
      },
      {
        "model": "simatic s7-400 pn/dp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7"
      },
      {
        "model": "simatic s7-410",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8"
      },
      {
        "model": "simatic winac rtx incl.f",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "ek-ertec pn io",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "200"
      },
      {
        "model": "simotion d hf1",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v5.1"
      },
      {
        "model": "simotion c hf1",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v5.1"
      },
      {
        "model": "simotion p hf1",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v5.1"
      },
      {
        "model": "sinamics g110m/g120 w.pn sp9 hf1",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.7"
      },
      {
        "model": "ek-ertec 200p",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.5"
      },
      {
        "model": "sinamics s110 w.pn",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s150",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.7"
      },
      {
        "model": "sinamics s150",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.8"
      },
      {
        "model": "sinamics w.pn",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v90"
      },
      {
        "model": "simocode pro profinet",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v"
      },
      {
        "model": "sinamics g130 and g150",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "softnet profinet io",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sirius soft starter 3rw44 pn",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinumerik 840d sl",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinumerik 840d",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinamics sm150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics sm120",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7.5"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7.4"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics s150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s120",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinamics gm150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics gl150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics gh150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics g120",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics dcp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinamics dcm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simotion",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simocode pro eip",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v1.0.1"
      },
      {
        "model": "simocode pro eip",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v1.0"
      },
      {
        "model": "simatic winac rtx",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "20100"
      },
      {
        "model": "simatic winac rtx f sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "simatic winac rtx sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "simatic s7-410",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "8"
      },
      {
        "model": "simatic s7-400 pn",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v60"
      },
      {
        "model": "simatic s7-400 pn",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-400 h",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v60"
      },
      {
        "model": "simatic s7-300",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-200",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-1500",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1.8.3"
      },
      {
        "model": "simatic s7-1500",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1.6"
      },
      {
        "model": "simatic s7-1500",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1.5.0"
      },
      {
        "model": "simatic s7-1500",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-1200",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.1.3"
      },
      {
        "model": "simatic s7-1200",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.0"
      },
      {
        "model": "simatic s7-1200",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.0.1"
      },
      {
        "model": "simatic s7-1200",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.0.0"
      },
      {
        "model": "simatic s7-1200",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "simatic s7-1200",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2.0.3"
      },
      {
        "model": "simatic s7-1200",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2.0.2"
      },
      {
        "model": "simatic et",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2000"
      },
      {
        "model": "simatic compact field unit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "profinet io",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1.4.1"
      },
      {
        "model": "profinet io",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinamics sm120 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics sl150 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics gm150 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics gl150 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics gh150 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics g120p",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g120d",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g120c",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g120 update sp9 hf1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics g110m",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simotion p hf1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "simotion c hf1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "simocode pro eip",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v1.0.2"
      },
      {
        "model": "simatic s7-400 pn",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v66.0.6"
      },
      {
        "model": "simatic s7-200 smart",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2.3.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 200",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic winac rtx f 2010",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200al",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200ecopn",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200m",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200mp",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200pro",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200s",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200sp",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "dk standard ethernet controller",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ek ertec 200p",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 400pn v6",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ek ertec 200pn io",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simotion d",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simotion c",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simotion p",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics dcm",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics dcp",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g110m g120pn",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g130",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g150",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s110pn",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 400h v6",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s120",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s150 v4 7",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s150 v4 8",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics v90pn",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinumerik 840d sl",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic compact field unit",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pn pn coupler",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simocode pro v profinet",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sirius soft starter 3rw44pn",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 400pn dp v7",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 410 v8",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1200",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500 controller",
        "version": "2.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2df32de-39ab-11e9-b092-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-36884"
      },
      {
        "db": "BID",
        "id": "101964"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011798"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201711-1105"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-12741"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:siemens:dk_standard_ethernet_controller_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ek-ertec_200_pn_io_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ek-ertec_200p_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_compact_field_unit_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200al_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200ecopn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200m_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200mp_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200pro_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200s_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200sp_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_pn%2Fpn_coupler_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_software_controller_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-200_smart_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-300_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-400pn_v6_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-400pn%2Fdp_v7_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-400h_v6_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-410_v8_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_winac_rtx_f_2010_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simocode_pro_v_profinet_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simotion_c_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simotion_d_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simotion_p_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_dcm_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_dcp_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_g110m_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_g130_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_g150_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics__s110_w._pn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_s120_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_s150_v4.7_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_s150_v4.8_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_v90_w._pn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinumerik_840d_sl_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sirius_soft_starter_3rw44_pn_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011798"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens ProductCERT reported this vulnerability to NCCIC.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201711-1105"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2017-12741",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2017-12741",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2017-36884",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "e2df32de-39ab-11e9-b092-000c29342cb1",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-103294",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-12741",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "productcert@siemens.com",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-12741",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-12741",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2017-12741",
            "trust": 1.0,
            "value": "High"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-12741",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-36884",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201711-1105",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "e2df32de-39ab-11e9-b092-000c29342cb1",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-103294",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2df32de-39ab-11e9-b092-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-36884"
      },
      {
        "db": "VULHUB",
        "id": "VHN-103294"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011798"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201711-1105"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-12741"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-12741"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Specially crafted packets sent to port 161/udp could cause a denial of service condition. The affected devices must be restarted manually. plural Siemens The product contains data processing vulnerabilities.Service operation interruption (DoS) There is a possibility of being put into a state. SiemensSIMATICS7-200Smart and others are products of Siemens AG. The Siemens SIMATICS7-200Smart is a programmable logic controller (PLC) for use in small and medium-sized automation systems. SIMATICWinACRTX2010incl is a software controller for automation solutions. A denial of service vulnerability exists in several Siemens products. \nAttackers can exploit this issue to crash the affected device, denying service to legitimate users. A vulnerability has been identified in SIMATIC S7-200 Smart (All versions \u003c V2.03.01), SIMATIC S7-400 PN V6 (All versions \u003c V6.0.6), SIMATIC S7-400 H V6 (All versions \u003c V6.0.8), SIMATIC S7-400 PN/DP V7 (All versions \u003c V7.0.2), SIMATIC S7-410 V8 (All versions \u003c V8.2.1), SIMATIC S7-300 (All versions \u003c V3.X.16), SIMATIC S7-1200 (All versions \u003c V4.2.3), SIMATIC S7-1500 (All versions \u003c V2.0), SIMATIC S7-1500 Software Controller (All versions \u003c V2.0), SIMATIC WinAC RTX 2010 incl. F (All versions), SIMATIC ET 200AL (All versions), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP IM155-5 PN BA (All versions \u003c V4.0.2), SIMATIC ET 200MP IM155-5 PN ST (All versions \u003c V4.1), SIMATIC ET 200MP IM155-5 PN HF (All versions \u003c V4.2), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP IM155-6 PN HF (All versions \u003c V4.2.0), SIMATIC ET 200SP IM155-6 PN HA (All versions \u003c V1.1.0), SIMATIC ET 200SP IM155-6 PN BA (All versions), SIMATIC ET 200SP IM155-6 PN ST (All versions), SIMATIC ET 200SP IM155-6 PN HS (All versions), Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions \u003c V4.1.1 Patch 05), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions \u003c V4.5), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions \u003c V4.5), SIMOTION D (All versions \u003c V5.1 HF1), SIMOTION C (All versions \u003c V5.1 HF1), SIMOTION P V4.4 and V4.5 (All versions \u003c V4.5 HF5), SIMOTION P V5 (All versions \u003c V5.1 HF1), SINAMICS DCM w. PN (All versions \u003c V1.4 SP1 HF6), SINAMICS DCP w. PN (All versions \u003c V1.2 HF2), SINAMICS G110M w. PN (All versions \u003c V4.7 SP9 HF1), SINAMICS G120 (C/P/D) w. PN (All versions \u003c V4.7 SP9 HF1), SINAMICS G130 V4.7 w. PN (All versions \u003c V4.7 HF29), SINAMICS G130 V4.8 w. PN (All versions \u003c V4.8 HF4), SINAMICS G150 V4.7 w. PN (All versions \u003c V4.7 HF29), SINAMICS G150 V4.8 w. PN (All versions \u003c V4.8 HF4), SINAMICS S110 w. PN (All versions \u003c V4.4 SP3 HF6), SINAMICS S120 prior to V4.7 w. PN (All versions \u003c V4.7), SINAMICS S120 V4.7 w. PN (All versions \u003c V4.7 HF29), SINAMICS S120 V4.7 SP1 w. PN (All versions), SINAMICS S120 V4.8 w. PN (All versions \u003c V4.8 HF5), SINAMICS S150 V4.7 w. PN (All versions \u003c V4.7 HF29), SINAMICS S150 V4.8 w. PN (All versions \u003c V4.8 HF4), SINAMICS V90 w. PN (All versions \u003c V1.02), SINUMERIK 840D sl (All versions), SIMATIC Compact Field Unit (All versions), SIMATIC PN/PN Coupler (All versions \u003c V4.2.0), SIMOCODE pro V PROFINET (All versions \u003c V2.1.1), SIRIUS Soft Starter 3RW44 PN (All versions), SIMOCODE pro V EIP (All versions \u003c V1.0.2). Siemens SIMATIC S7-1500 CPU, etc. SIMATIC S7-1500 CPU is a CPU (central processing unit) module. SIMATIC S7-1500 is a programmable logic controller. SINUMERIK 840D sl is a set of advanced machine tool numerical control system. The following products and versions are affected: Siemens SIMATIC S7-200 Smart prior to V2.03.01; SIMATIC S7-400 PN/DP V7 CPU family (SIPLUS variants); SIMATIC S7-410 V8 CPU family (SIPLUS variants); SIMATIC S7- 300 CPU family (related to ET200 CPUs and SIPLUS variants); SIMATIC S7-1200 CPU family (related to SIPLUS variants); SIMATIC S7-1500 CPU family (related to ET200 CPUs and SIPLUS variants); SIMATIC S7-1500 Software Controller prior to V2.0 wait",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-12741"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011798"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-36884"
      },
      {
        "db": "BID",
        "id": "101964"
      },
      {
        "db": "IVD",
        "id": "e2df32de-39ab-11e9-b092-000c29342cb1"
      },
      {
        "db": "VULHUB",
        "id": "VHN-103294"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-12741",
        "trust": 3.6
      },
      {
        "db": "BID",
        "id": "101964",
        "trust": 2.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-339-01",
        "trust": 2.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-346262",
        "trust": 2.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-546832",
        "trust": 2.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-141614",
        "trust": 1.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-128-01",
        "trust": 1.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-099-01",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201711-1105",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-36884",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011798",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1206",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "E2DF32DE-39AB-11E9-B092-000C29342CB1",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-103294",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2df32de-39ab-11e9-b092-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-36884"
      },
      {
        "db": "VULHUB",
        "id": "VHN-103294"
      },
      {
        "db": "BID",
        "id": "101964"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011798"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201711-1105"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-12741"
      }
    ]
  },
  "id": "VAR-201712-0703",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "e2df32de-39ab-11e9-b092-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-36884"
      },
      {
        "db": "VULHUB",
        "id": "VHN-103294"
      }
    ],
    "trust": 1.560734225135135
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS",
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      },
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "e2df32de-39ab-11e9-b092-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-36884"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:56:02.420000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-346262",
        "trust": 0.8,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-346262.pdf"
      },
      {
        "title": "Patches for multiple Siemens product denial of service vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/109849"
      },
      {
        "title": "Multiple Siemens Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76771"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-36884"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011798"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201711-1105"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-400",
        "trust": 1.0
      },
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-19",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-103294"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011798"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-12741"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.9,
        "url": "https://www.securityfocus.com/bid/101964"
      },
      {
        "trust": 2.3,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-339-01"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-141614.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-346262.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-128-01"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-546832.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-346262.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-141614.html"
      },
      {
        "trust": 0.9,
        "url": "http://www.siemens.com/"
      },
      {
        "trust": 0.9,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-099-01"
      },
      {
        "trust": 0.9,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-346262.pdf"
      },
      {
        "trust": 0.9,
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-546832.txt"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12741"
      },
      {
        "trust": 0.8,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-099-01"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12741"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/78750"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-17-339-01"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-36884"
      },
      {
        "db": "VULHUB",
        "id": "VHN-103294"
      },
      {
        "db": "BID",
        "id": "101964"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011798"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201711-1105"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-12741"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "e2df32de-39ab-11e9-b092-000c29342cb1"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-36884"
      },
      {
        "db": "VULHUB",
        "id": "VHN-103294"
      },
      {
        "db": "BID",
        "id": "101964"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011798"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201711-1105"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-12741"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-12-12T00:00:00",
        "db": "IVD",
        "id": "e2df32de-39ab-11e9-b092-000c29342cb1"
      },
      {
        "date": "2017-12-12T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-36884"
      },
      {
        "date": "2017-12-26T00:00:00",
        "db": "VULHUB",
        "id": "VHN-103294"
      },
      {
        "date": "2017-11-23T00:00:00",
        "db": "BID",
        "id": "101964"
      },
      {
        "date": "2018-01-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-011798"
      },
      {
        "date": "2017-11-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201711-1105"
      },
      {
        "date": "2017-12-26T04:29:13.707000",
        "db": "NVD",
        "id": "CVE-2017-12741"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-12-12T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-36884"
      },
      {
        "date": "2020-08-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-103294"
      },
      {
        "date": "2019-04-10T07:00:00",
        "db": "BID",
        "id": "101964"
      },
      {
        "date": "2019-07-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-011798"
      },
      {
        "date": "2022-02-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201711-1105"
      },
      {
        "date": "2024-11-21T03:10:07.963000",
        "db": "NVD",
        "id": "CVE-2017-12741"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201711-1105"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Siemens Data processing vulnerabilities in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011798"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201711-1105"
      }
    ],
    "trust": 0.6
  }
}

var-202105-0692
Vulnerability from variot

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition. Several Siemens products are vulnerable to a lack of memory release after expiration.Denial of service (DoS) It may be put into a state. Siemens SmartVNC is an industrial control equipment of Germany's Siemens (Siemens) company. Provides an access to the smartserver function in the HMI. Attackers can use the vulnerability to cause a denial of service. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202105-0692",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels 15\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort outdoor panels 15\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort panels 4\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "sinamics gm150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort panels 22\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort panels 4\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "sinamics sm150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort panels 22\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels 15\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "sinamics sm150i",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort panels 4\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels 15\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics gh150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort panels 4\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics gl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort panels 22\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics sm120",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort panels 22\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics sh150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics sh150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics sl150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics sm120",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics sm150i",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\"",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics gh150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics sm150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics gl150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics gm150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics sl150",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics sm150",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics sm150i",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics gh150",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics gl150 (with option",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "x30)"
      },
      {
        "model": "sinamics gm150 (with option",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "x30)"
      },
      {
        "model": "sinamics sh150",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics sm120",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-67537"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006951"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27386"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported these vulnerabilities to CISA.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-477"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2021-27386",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2021-27386",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2021-67537",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-27386",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2021-27386",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-27386",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2021-27386",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2021-67537",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-975",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202105-477",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-27386",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-67537"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27386"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006951"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-477"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27386"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition. Several Siemens products are vulnerable to a lack of memory release after expiration.Denial of service (DoS) It may be put into a state. Siemens SmartVNC is an industrial control equipment of Germany\u0027s Siemens (Siemens) company. Provides an access to the smartserver function in the HMI. Attackers can use the vulnerability to cause a denial of service. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-27386"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006951"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-67537"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27386"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-27386",
        "trust": 3.9
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-131-12",
        "trust": 2.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-286838",
        "trust": 2.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-538778",
        "trust": 1.7
      },
      {
        "db": "JVN",
        "id": "JVNVU91051134",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006951",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-67537",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041363",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021051206",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-131-04",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-477",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27386",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-67537"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27386"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006951"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-477"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27386"
      }
    ]
  },
  "id": "VAR-202105-0692",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-67537"
      }
    ],
    "trust": 1.24530875
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-67537"
      }
    ]
  },
  "last_update_date": "2024-08-14T12:18:07.716000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-286838 Siemens\u00a0Security\u00a0Advisory",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
      },
      {
        "title": "Patch for Siemens SmartVNC heap allocation leak vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/285861"
      },
      {
        "title": "Siemens SmartVNC Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=151556"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=43c9c77785b8d29daef02185f41ca476"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=9465a8ef1f8c1b0042244cb02cfe271e"
      },
      {
        "title": "CVE-2021-27386",
        "trust": 0.1,
        "url": "https://github.com/JamesGeee/CVE-2021-27386 "
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-67537"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27386"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006951"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-477"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-401",
        "trust": 1.0
      },
      {
        "problemtype": "Lack of free memory after expiration (CWE-401) [NVD Evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006951"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27386"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
      },
      {
        "trust": 2.2,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu91051134/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-27386"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-131-12"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021051206"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-04"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/smartvnc-multiple-vulnerabilities-35360"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/401.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/jamesgeee/cve-2021-27386"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-286838.txt"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-67537"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27386"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006951"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-477"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27386"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-67537"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27386"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006951"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-477"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27386"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-09-02T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-67537"
      },
      {
        "date": "2021-05-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-27386"
      },
      {
        "date": "2022-01-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-006951"
      },
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-05-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202105-477"
      },
      {
        "date": "2021-05-12T14:15:11.767000",
        "db": "NVD",
        "id": "CVE-2021-27386"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-01-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-67537"
      },
      {
        "date": "2021-05-21T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-27386"
      },
      {
        "date": "2022-01-26T07:30:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-006951"
      },
      {
        "date": "2021-04-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-10-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202105-477"
      },
      {
        "date": "2022-01-04T17:22:06.867000",
        "db": "NVD",
        "id": "CVE-2021-27386"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-477"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vulnerability regarding lack of memory release after expiration in multiple Siemens products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006951"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ],
    "trust": 0.6
  }
}

var-201705-3220
Vulnerability from variot

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected. SIMATIC CP, SIMATIC RF600, SCALANCE W700, etc. are all industrial automation products from Siemens AG. A denial of service vulnerability exists in several industrial devices from Siemens. Multiple Siemens Products is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause a denial-of-service condition. Manual restart of the server is required to resume normal operation. SIEMENS SIMATIC CP 343-1 Std, CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std, CP 443-1 Adv (All versions before V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions before V2.1.82), SIMATIC CP 1243-1 IRC (All versions before V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions before V2.0), SIMATIC CP 1542SP-1, CP 1542SP-1 IRC, and CP 1543SP-1 (All versions before to V1.0.15), SIMATIC CP 1543-1 (All versions before V2.1), SIMATIC RF650R, RF680R, RF685R (All versions before V3.0), SIMATIC CP 1616, CP 1604, DK-16xx PN IO (All versions before V2.7), SCALANCE X-200 (All versions before V5.2.2), SCALANCE X200 IRT (All versions before V5.4.0), SCALANCE X-300/X408 (All versions before V4.1.0), SCALANCE X414 (All versions before V3.10.2), SCALANCE XM400, XR500 (All versions before V6.1), SCALANCE W700 (All versions before V6.1), SCALANCE M-800, S615 (All versions before V04.03), Softnet PROFINET IO for PC-based Windows systems (All versions before V14 SP1), IE/PB-Link (All versions before V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions before V1.2.0), SITOP UPS1600 PROFINET (All versions before V2.2.0), SIMATIC ET 200AL (All versions before V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP (All versions before V4.0.1), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP (All versions before V4.1.0), SIMATIC PN/PN Coupler (All versions before V4.0), DK Standard Ethernet Controller (All versions before V4.1.1 Patch04), EK-ERTEC 200P PN IO (All versions before V4.4.0 Patch01), EK-ERTEC 200 PN IO (All versions before V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions before V2.3), SIMATIC S7-300 incl. F and T (All versions before V3.X.14), SIMATIC S7-400 PN/DP V6 Incl. F (All versions before V6.0.6), SIMATIC S7-400-H V6 (All versions before V6.0.7), SIMATIC S7-400 PN/DP V7 incl. F (All versions), SIMATIC S7-CPU 410 (All versions before V8.2), SIMATIC S7-1200 incl. F (All versions before V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions before V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions before V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft starter 3RW44 PN (All versions), SIRIUS Motor starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions), SINAMICS DCM (All versions before V1.4 SP1 HF5), SINAMICS DCP (All versions), SINAMICS G110M / G120(C/P/D) w. PN (All versions before V4.7 SP6 HF3), SINAMICS G130 and G150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S110 w. PN (All versions before V4.4 SP1 HF5), SINAMICS S120 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS V90 w. PN (All versions before V1.1), SIMOTION (All versions before V4.5 HF1), SINUMERIK 828D (All versions before V4.5 SP6 HF2 and V4.7 before SP6 HF8), SINUMERIK 840D sl (All versions before V4.5 SP6 HF8 and V4.7 before SP4 HF1), SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (All versions) could be affected by a Denial-of-Service condition induced by a specially crafted PROFINET DCP broadcast (Layer 2 - Ethernet) packet. Siemens SIMATIC S7-200 Smart, etc. Siemens SIMATIC S7-200 Smart is a programmable logic controller (PLC) used in small and medium-sized automation systems. Siemens SIMATIC CP 343-1 Advanced is an Ethernet communication module used to support PROFINET (a new generation of automation bus standard based on industrial Ethernet technology). SIRIUS Motor starter M200D PROFINET is a motor starter. The following products and versions are affected: Siemens Extension Unit 12\" PROFINET prior to V01.01.01; Extension Unit 15\" PROFINET prior to V01.01.01; Extension Unit 19\" PROFINET prior to V01.01.01; Extension Unit 22\" PROFINET SIMATIC CP 1242-7 GPRS V2 prior to V2.1.82; SIMATIC CP 1243-7 LTE/US prior to V2.1.82; SIMATIC CP 1243-8 prior to V2.1.82; SIMATIC CP 1626 V1.1 previous version

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201705-3220",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic dk-16xx pn io",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf685r",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf650r",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf680r",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1 irc",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xr500",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance s615",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m-800",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xm400",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w700",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics gm150",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics gh150",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic cp 1543-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1"
      },
      {
        "model": "sinamics s110 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.4"
      },
      {
        "model": "simatic rf650r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "dk standard ethernet controller",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.1"
      },
      {
        "model": "simatic cp 1626",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.1"
      },
      {
        "model": "scalance x414",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.10.2"
      },
      {
        "model": "scalance x200 irt",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.4.0"
      },
      {
        "model": "simatic cp 1243-1 dnp3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1242-7 gprs",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1.82"
      },
      {
        "model": "sinamics gl150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics gm150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic cp 1616",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.7"
      },
      {
        "model": "sinamics g150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics g130",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics s120",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic cp 1604",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.7"
      },
      {
        "model": "simatic s7-1200",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.2.1"
      },
      {
        "model": "extension unit 22 profinet",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "01.01.01"
      },
      {
        "model": "ek-ertec 200p pn io",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.4.0"
      },
      {
        "model": "ie\\/pb-link",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "simatic cm 1542-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.0"
      },
      {
        "model": "sirius motor starter m200d profinet",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic rf680r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "sinamics s110 pn",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.4"
      },
      {
        "model": "extension unit 19 profinet",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "01.01.01"
      },
      {
        "model": "simatic cp 1243-1 irc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1.82"
      },
      {
        "model": "sinamics dcp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.2"
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.0.15"
      },
      {
        "model": "simatic cp 343-1 adv",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simotion",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "simatic teleservice adapter ie standard",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 443-1 opc-ua",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic et 200s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "dk standard ethernet controller",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.1"
      },
      {
        "model": "sinumerik 840d sl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "simatic tdc cpu555",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.1.1"
      },
      {
        "model": "simatic et 200al",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.0.2"
      },
      {
        "model": "sinamics g150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics g110m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics gh150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.0.15"
      },
      {
        "model": "scalance xr500",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "6.1"
      },
      {
        "model": "simatic et 200ecopn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "ek-ertec 200 pn io",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.2.1"
      },
      {
        "model": "softnet profinet io",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "scalance m-800",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.03"
      },
      {
        "model": "simatic hmi multi panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "scalance s615",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.03"
      },
      {
        "model": "simatic cp 443-1 adv",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.2.17"
      },
      {
        "model": "sinamics sl150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics dcp",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.2"
      },
      {
        "model": "simotion",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "sitop psu8600",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.2.0"
      },
      {
        "model": "sinumerik 840d sl",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "simatic hmi mobile panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "scalance x200",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.2.2"
      },
      {
        "model": "simatic s7-1500",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1"
      },
      {
        "model": "simatic cp 343-1 std",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.1.3"
      },
      {
        "model": "simatic cp 1243-1 iec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic et 200pro",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics g110m",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "scalance xm400",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "6.1"
      },
      {
        "model": "sinamics sm120",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "scalance x408",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.0"
      },
      {
        "model": "simatic cp 343-1 lean",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.1.3"
      },
      {
        "model": "simatic dk-1604 pn io",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.7"
      },
      {
        "model": "sirius act 3su1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.1.0"
      },
      {
        "model": "ek-ertec 200 pn io",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.2.1"
      },
      {
        "model": "simatic s7-300",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "softnet profinet io",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic tdc cp51m1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.1.8"
      },
      {
        "model": "simatic dk-1616 pn io",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.7"
      },
      {
        "model": "simatic et 200mp",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.0.1"
      },
      {
        "model": "sinamics dcm",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.4"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic s7-200 smart",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "sinamics sm120",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "scalance w700",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "6.1"
      },
      {
        "model": "simatic et 200m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "extension unit 12 profinet",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "01.01.01"
      },
      {
        "model": "simatic winac rtx",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "extension unit 15 profinet",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "01.01.01"
      },
      {
        "model": "simatic s7-1500 software controller",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1"
      },
      {
        "model": "sinamics g120\\ w. pn",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics s150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic cp 1542sp-1 irc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.0.15"
      },
      {
        "model": "simatic cp 443-1 std",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.2.17"
      },
      {
        "model": "sinumerik 828d",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "simatic s7-400",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "6.0.6"
      },
      {
        "model": "simatic et 200sp",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.0"
      },
      {
        "model": "sirius soft starter 3rw44 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic teleservice adapter ie basic",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simocode pro v profinet",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.0.0"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "ups1600 profinet",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.2.0"
      },
      {
        "model": "sinamics dcm",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.4"
      },
      {
        "model": "simatic cp 1243-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1.82"
      },
      {
        "model": "ie\\/as-i link pn io",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics gl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic cp 1243-8",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1.82"
      },
      {
        "model": "sinamics v90 pn",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.01"
      },
      {
        "model": "scalance x300",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.0"
      },
      {
        "model": "simatic winac rtx",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "sinamics g130",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics s120",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic rf685r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "ek-ertec 200p pn io",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.4.0"
      },
      {
        "model": "sinamics s150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics g120\\ w. pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic cp 1243-7 lte\\/us",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1.82"
      },
      {
        "model": "pn\\/pn coupler",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.0"
      },
      {
        "model": "sinumerik 828d",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "simatic teleservice adapter ie advanced",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "dk standard ethernet controller",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ek-ertec 200 pn io",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ek-ertec 200p pn io",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ie/as-i link pn io",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ie/pb-link",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "pn/pn coupler",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance x200 irt",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance x200",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance x300",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance x408",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance x414",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cm 1542-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1243-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1543-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1604",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1616",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 343-1 adv",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 343-1 lean",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 343-1 std",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 443-1 adv",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 443-1 opc-ua",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 443-1 std",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200al",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200ecopn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200m",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200mp",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200pro",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200s",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200sp",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi mobile panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi multi panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1200",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 software controller",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-200 smart",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-300",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-400",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic teleservice adapter ie advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic teleservice adapter ie basic",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic teleservice adapter standard modem",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic winac rtx 2010",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simocode pro v profinet",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simotion",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics dcm",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics dcp",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g110m",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g120 w. pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g130",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g150",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s110 w. pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s120",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s150",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics v90 w. pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinumerik 828d",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinumerik 840d sl",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sirius act 3su1 interface module profinet",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sirius motor starter m200d profinet",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sirius soft starter 3rw44 pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sitop psu8600",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sitop ups1600 profinet",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "softnet profinet io",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "for pc-based windows systems firmware"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1616"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1604"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1543-1"
      },
      {
        "model": "simatic cm",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1542-1"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1243-1"
      },
      {
        "model": "simatic cp opc-ua",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "443-1"
      },
      {
        "model": "simatic cp adv",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "443-1"
      },
      {
        "model": "simatic cp std",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "443-1"
      },
      {
        "model": "simatic cp std",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "343-1"
      },
      {
        "model": "simatic cp lean",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "343-1"
      },
      {
        "model": "simatic cp adv",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "343-1"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "x408"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "x414"
      },
      {
        "model": "scalance irt",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "x200"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "x200"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "x300"
      },
      {
        "model": "simatic rf650r",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 443-1 opc-ua",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cm 1542-1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1 irc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 443-1 adv",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 343-1 std",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1543-1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf680r",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "sinumerik 828d",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "sinumerik 840d sl",
        "version": "*"
      },
      {
        "model": "ups1600 profinet",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "softnet profinet io",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sitop psu8600",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sirius soft starter 3rw44 pn",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sirius act 3su1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinumerik 840d",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinumerik 828d",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinamics sm150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics sm120",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7.5"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7.4"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics gl150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simotion",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic winac rtx",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "20100"
      },
      {
        "model": "simatic teleservice adapter standard modem",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-400",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-300",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-200 smart",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-1500",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic rf685r",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic rf680r",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic rf650r",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic et",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2000"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "443-10"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "343-10"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "16260"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "16160"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "16040"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1543-12.0.28"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1543-10"
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic cp irc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1243-80"
      },
      {
        "model": "simatic cp lte eu/us",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1243-70"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1243-10"
      },
      {
        "model": "simatic cp gprs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1242-7v20"
      },
      {
        "model": "scalance xr500",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "scalance xm400",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x4140"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x4084.0"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x4083.0"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x3000"
      },
      {
        "model": "scalance irt",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x2000"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x2000"
      },
      {
        "model": "scalance w700 series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.4"
      },
      {
        "model": "scalance w700 series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.5.4"
      },
      {
        "model": "scalance s615",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "scalance m-800",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.02"
      },
      {
        "model": "scalance m-800",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "ie/as-i link pn io",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "extension unit profinet",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "22?0"
      },
      {
        "model": "extension unit profinet",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "19?0"
      },
      {
        "model": "extension unit profinet",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15?0"
      },
      {
        "model": "extension unit profinet",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12?0"
      },
      {
        "model": "e/pb-link",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinumerik 840d sl",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinumerik 828d",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics sm120 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics sl150 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics gm150 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics gl150 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics gh150 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic rf685r",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "simatic rf680r",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "simatic cp",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "16162.7"
      },
      {
        "model": "simatic cp 1604d",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2.7"
      },
      {
        "model": "simatic cp irc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1243-82.1.82"
      },
      {
        "model": "simatic cp lte eu/us",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1243-72.1.82"
      },
      {
        "model": "simatic cp gprs",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1242-7v22.1.82"
      },
      {
        "model": "simatic rf650r",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "simatic cp",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "443-13.2.17"
      },
      {
        "model": "simatic cp",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15431.2.1"
      },
      {
        "model": "simatic cm1542",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1.2"
      },
      {
        "model": "scalance w700",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "6.1"
      },
      {
        "model": "extension unit profinet",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "22?1.1.1"
      },
      {
        "model": "extension unit profinet",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "19?1.1.1"
      },
      {
        "model": "extension unit profinet",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15?1.1.1"
      },
      {
        "model": "extension unit profinet",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12?1.1.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 343 1 std",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1542sp 1 irc",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1543sp 1",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1543 1",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic rf650r",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic rf680r",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic rf685r",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1616",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1604",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic dk 16xx pn io",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance x200",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 343 1 lean",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance x200 irt",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance x300",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance x408",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance x414",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance xm400",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance xr500",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance w700",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance m 800",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance s615",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "softnet profinet io",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 343 1 adv",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ie pb link",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ie as i link pn io",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic teleservice adapter standard modem",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic teleservice adapter ie basic modem",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic teleservice adapter ie advanced modem",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sitop psu8600",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ups1600 profinet",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200al",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200ecopn",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200m",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 443 1 std",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200mp",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200pro",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200s",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200sp",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "pn pn coupler",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "dk standard ethernet controller",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ek ertec 200p pn io",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ek ertec 200 pn io",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 200 smart",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 443 1 adv",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 400",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1200",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500 controller",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic winac rtx 2010",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sirius act 3su1",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sirius soft starter 3rw44 pn",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sirius motor starter m200d profinet",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simocode pro v profinet",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics dcm",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 443 1 opc ua",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics dcp",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g110m",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g120 c p d w pn",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g130",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g150",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s110 w pn",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s120",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s150",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics v90 w pn",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simotion",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1243 1",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi comfort panels",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi multi panels",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi mobile panels",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cm 1542 1",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1542sp 1",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      },
      {
        "db": "BID",
        "id": "98369"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-574"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2680"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:siemens:dk_standard_ethernet_controller_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ek-ertec_200_pn_io_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ek-ertec_200p_pn_io_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ie%2Fpb-link_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ie%2Fas-i_link_pn_io_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:pn%2Fpn_coupler_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_m-800_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_s615_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_w700_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_x200irt_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_x200_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_x300_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_x408_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_x414_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_xm400_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_xr500_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cm_1542-1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1243-1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1542sp-1_irc_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1542sp-1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1543-1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1543sp-1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1604_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1616_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_343-1_lean_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_343-1_adv_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_343-1_std_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_adv_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_std_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_opc-ua_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_dk-16xx_pn_io_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200al_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200ecopn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200m_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200mp_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200pro_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200s_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200sp_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_mobile_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_multi_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_rf650r_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_rf680r_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_rf685r_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_software_controller_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-200_smart_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-300_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-400_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_teleservice_adapter_ie_advanced_modem_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_teleservice_adapter_ie_basic_modem_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_teleservice_adapter_standard_modem_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_winac_rtx_2010_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simocode_pro_v_profinet_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simotion_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_dcm_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_dcp_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_g110m_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_g120%28c%2Fp%2Fd%29_w._pn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_g130_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_g150_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics__s110_w._pn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_s120_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_s150_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_v90_w._pn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinumerik_828d_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinumerik_840d_sl_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sirius_act_3su1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sirius_motor_starter_m200d_profinet_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sirius_soft_starter_3rw44_pn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sitop_psu8600_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ups1600_profinet_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:softnet_profinet_io_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Duan JinTong, Ma ShaoShuai, and Cheng Lei from NSFOCUS Security Team.",
    "sources": [
      {
        "db": "BID",
        "id": "98369"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-2680",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CVE-2017-2680",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CNVD-2017-06151",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "VHN-110883",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.8,
            "id": "CVE-2017-2680",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Adjacent Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 6.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2017-2680",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-2680",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2017-2680",
            "trust": 1.0,
            "value": "High"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-2680",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-06151",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201705-574",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-110883",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110883"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-574"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2680"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2680"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected. SIMATIC CP, SIMATIC RF600, SCALANCE W700, etc. are all industrial automation products from Siemens AG. A denial of service vulnerability exists in several industrial devices from Siemens. Multiple Siemens Products is prone to multiple denial-of-service vulnerabilities. \nAttackers can exploit these issues to cause a denial-of-service condition. Manual restart of the server is required to resume normal operation. SIEMENS SIMATIC CP 343-1 Std, CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std, CP 443-1 Adv (All versions before V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions before V2.1.82), SIMATIC CP 1243-1 IRC (All versions before V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions before V2.0), SIMATIC CP 1542SP-1, CP 1542SP-1 IRC, and CP 1543SP-1 (All versions before to V1.0.15), SIMATIC CP 1543-1 (All versions before V2.1), SIMATIC RF650R, RF680R, RF685R (All versions before V3.0), SIMATIC CP 1616, CP 1604, DK-16xx PN IO (All versions before V2.7), SCALANCE X-200 (All versions before V5.2.2), SCALANCE X200 IRT (All versions before V5.4.0), SCALANCE X-300/X408 (All versions before V4.1.0), SCALANCE X414 (All versions before V3.10.2), SCALANCE XM400, XR500 (All versions before V6.1), SCALANCE W700 (All versions before V6.1), SCALANCE M-800, S615 (All versions before V04.03), Softnet PROFINET IO for PC-based Windows systems (All versions before V14 SP1), IE/PB-Link (All versions before V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions before V1.2.0), SITOP UPS1600 PROFINET (All versions before V2.2.0), SIMATIC ET 200AL (All versions before V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP (All versions before V4.0.1), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP (All versions before V4.1.0), SIMATIC PN/PN Coupler (All versions before V4.0), DK Standard Ethernet Controller (All versions before V4.1.1 Patch04), EK-ERTEC 200P PN IO (All versions before V4.4.0 Patch01), EK-ERTEC 200 PN IO (All versions before V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions before V2.3), SIMATIC S7-300 incl. F and T (All versions before V3.X.14), SIMATIC S7-400 PN/DP V6 Incl. F (All versions before V6.0.6), SIMATIC S7-400-H V6 (All versions before V6.0.7), SIMATIC S7-400 PN/DP V7 incl. F (All versions), SIMATIC S7-CPU 410 (All versions before V8.2), SIMATIC S7-1200 incl. F (All versions before V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions before V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions before V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft starter 3RW44 PN (All versions), SIRIUS Motor starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions), SINAMICS DCM (All versions before V1.4 SP1 HF5), SINAMICS DCP (All versions), SINAMICS G110M / G120(C/P/D) w. PN (All versions before V4.7 SP6 HF3), SINAMICS G130 and G150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S110 w. PN (All versions before V4.4 SP1 HF5), SINAMICS S120 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS S150 (All versions before V4.7 HF27 and V4.8 before HF4), SINAMICS V90 w. PN (All versions before V1.1), SIMOTION (All versions before V4.5 HF1), SINUMERIK 828D (All versions before V4.5 SP6 HF2 and V4.7 before SP6 HF8), SINUMERIK 840D sl (All versions before V4.5 SP6 HF8 and V4.7 before SP4 HF1), SIMATIC HMI Comfort Panels, HMI Multi Panels, HMI Mobile Panels (All versions) could be affected by a Denial-of-Service condition induced by a specially crafted PROFINET DCP broadcast (Layer 2 - Ethernet) packet. Siemens SIMATIC S7-200 Smart, etc. Siemens SIMATIC S7-200 Smart is a programmable logic controller (PLC) used in small and medium-sized automation systems. Siemens SIMATIC CP 343-1 Advanced is an Ethernet communication module used to support PROFINET (a new generation of automation bus standard based on industrial Ethernet technology). SIRIUS Motor starter M200D PROFINET is a motor starter. The following products and versions are affected: Siemens Extension Unit 12\\\" PROFINET prior to V01.01.01; Extension Unit 15\\\" PROFINET prior to V01.01.01; Extension Unit 19\\\" PROFINET prior to V01.01.01; Extension Unit 22\\\" PROFINET SIMATIC CP 1242-7 GPRS V2 prior to V2.1.82; SIMATIC CP 1243-7 LTE/US prior to V2.1.82; SIMATIC CP 1243-8 prior to V2.1.82; SIMATIC CP 1626 V1.1 previous version",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-2680"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      },
      {
        "db": "BID",
        "id": "98369"
      },
      {
        "db": "IVD",
        "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110883"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-2680",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-023-02",
        "trust": 2.8
      },
      {
        "db": "SIEMENS",
        "id": "SSA-293562",
        "trust": 2.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-284673",
        "trust": 2.0
      },
      {
        "db": "BID",
        "id": "98369",
        "trust": 2.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-546832",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1038463",
        "trust": 1.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-129-02",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-574",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06151",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-128-01",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134",
        "trust": 0.8
      },
      {
        "db": "IVD",
        "id": "296C9514-B30D-4FA5-BCDC-9D8B2E9620C4",
        "trust": 0.2
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-99023",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-110883",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110883"
      },
      {
        "db": "BID",
        "id": "98369"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-574"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2680"
      }
    ]
  },
  "id": "VAR-201705-3220",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110883"
      }
    ],
    "trust": 1.5467968472
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:56:02.371000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-293562",
        "trust": 0.8,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf"
      },
      {
        "title": "Patch for a number of Siemens products with a denial of service vulnerability (CNVD-2017-06151)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/93364"
      },
      {
        "title": "Multiple Siemens Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=70052"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-574"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-400",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-20",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110883"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2680"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-023-02"
      },
      {
        "trust": 2.0,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/98369"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-546832.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-284673.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id/1038463"
      },
      {
        "trust": 1.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-129-02"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-546832.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-284673.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-293562.html"
      },
      {
        "trust": 0.9,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2680"
      },
      {
        "trust": 0.8,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-128-01"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2680"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-17-129-02"
      },
      {
        "trust": 0.3,
        "url": "http://subscriber.communications.siemens.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110883"
      },
      {
        "db": "BID",
        "id": "98369"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-574"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2680"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110883"
      },
      {
        "db": "BID",
        "id": "98369"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-574"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2680"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-05-09T00:00:00",
        "db": "IVD",
        "id": "296c9514-b30d-4fa5-bcdc-9d8b2e9620c4"
      },
      {
        "date": "2017-05-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      },
      {
        "date": "2017-05-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110883"
      },
      {
        "date": "2017-05-08T00:00:00",
        "db": "BID",
        "id": "98369"
      },
      {
        "date": "2017-06-16T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      },
      {
        "date": "2017-05-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201705-574"
      },
      {
        "date": "2017-05-11T01:29:05.400000",
        "db": "NVD",
        "id": "CVE-2017-2680"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-05-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-06151"
      },
      {
        "date": "2020-09-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110883"
      },
      {
        "date": "2018-05-09T14:00:00",
        "db": "BID",
        "id": "98369"
      },
      {
        "date": "2018-05-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      },
      {
        "date": "2022-02-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201705-574"
      },
      {
        "date": "2024-11-21T03:23:57.563000",
        "db": "NVD",
        "id": "CVE-2017-2680"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote or local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-574"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Siemens Service disruption in products  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004134"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-574"
      }
    ],
    "trust": 0.6
  }
}

var-201910-1595
Vulnerability from variot

Affected devices improperly handle large amounts of specially crafted UDP packets.

This could allow an unauthenticated remote attacker to trigger a denial of service condition. Several Siemens products are vulnerable to resource exhaustion.Denial of service (DoS) May be in a state. Siemens SIMATIC CFU PA and so on are the products of Germany's Siemens company. Siemens SIMATIC CFU PA is a compact field device. SIMATIC ET 200AL is a distributed I / O system module. SIMATIC ET 200M is a modular I / O system module for control cabinets for high density channel applications. A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions), SIMATIC CFU PA (All versions < V1.2.0), SIMATIC ET 200AL (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP IM 155-5 PN BA (All versions < V4.3.0), SIMATIC ET 200MP IM 155-5 PN HF (All versions), SIMATIC ET 200MP IM 155-5 PN ST (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP IM 155-6 PN BA (All versions), SIMATIC ET 200SP IM 155-6 PN HA (All versions), SIMATIC ET 200SP IM 155-6 PN HF (All versions < V4.2.2), SIMATIC ET 200SP IM 155-6 PN HS (All versions), SIMATIC ET 200SP IM 155-6 PN ST (All versions), SIMATIC ET 200SP IM 155-6 PN/2 HF (All versions < V4.2.2), SIMATIC ET 200SP IM 155-6 PN/3 HF (All versions < V4.2.1), SIMATIC ET 200ecoPN (except 6ES7148-6JD00-0AB0 and 6ES7146-6FF00-0AB0) (All versions), SIMATIC ET 200pro (All versions), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions), SIMATIC HMI Comfort Panels 4" - 22" (All versions), SIMATIC HMI KTP Mobile Panels (All versions), SIMATIC PN/PN Coupler (All versions), SIMATIC PROFINET Driver (All versions < V2.1), SIMATIC S7-1200 CPU family (incl. F) (All versions), SIMATIC S7-1500 CPU family (incl. F) (All versions < V2.0), SIMATIC S7-300 CPU family (incl. F) (All versions), SIMATIC S7-400 PN/DP V7 (incl. F) (All versions), SIMATIC S7-400 V6 (incl F) and below (All versions), SIMATIC S7-400H V6 (All versions < V6.0.9), SIMATIC S7-410 V8 (All versions), SIMATIC WinAC RTX (F) 2010 (All versions < SIMATIC WinAC RTX 2010 SP3), SINAMICS DCM (All versions < V1.5 HF1), SINAMICS DCP (All versions), SINAMICS G110M V4.7 (PN Control Unit) (All versions < V4.7 SP10 HF5), SINAMICS G120 V4.7 (PN Control Unit) (All versions < V4.7 SP10 HF5), SINAMICS G130 V4.7 (Control Unit) (All versions < 4.8), SINAMICS G150 (Control Unit) (All versions < 4.8), SINAMICS GH150 V4.7 (Control Unit) (All versions), SINAMICS GL150 V4.7 (Control Unit) (All versions), SINAMICS GM150 V4.7 (Control Unit) (All versions), SINAMICS S110 (Control Unit) (All versions), SINAMICS S120 V4.7 (Control Unit) (All versions), SINAMICS S150 (Control Unit) (All versions < 4.8), SINAMICS SL150 V4.7 (Control Unit) (All versions < V4.7 HF33), SINAMICS SM120 V4.7 (Control Unit) (All versions), SINUMERIK 828D (All versions < V4.8 SP5), SINUMERIK 840D sl (All versions). The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens SIMATIC S7-1500 CPU, etc. SIMATIC S7-1500 CPU is a CPU (central processing unit) module. SIMATIC S7-1500 is a programmable logic controller. SINUMERIK 840D sl is a set of advanced machine tool numerical control system. The following products and versions are affected: Siemens SIMATIC S7-1500 CPU series (including: related ET200 CPUs and SIPLUS variants); SIMATIC S7-1500 Software Controller; SIMATIC TDC CP51M1; SIMATIC TDC CPU555; SINAMICS DCM, etc

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201910-1595",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic cfu pa",
        "scope": "lt",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "1.2.0"
      },
      {
        "model": "simatic profinet driver",
        "scope": "lt",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "2.1"
      },
      {
        "model": "dk standard ethernet controller",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200al",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200m",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200s",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sinumerik 828d",
        "version": "4.8"
      },
      {
        "model": "simatic s7-400 dp v7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic s7-300 cpu 314",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3.17"
      },
      {
        "model": "simatic hmi comfort panels 22\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics gl150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics g120",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic et 200sp im 155-6 pn hs",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinumerik 828d",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic s7-1500 cpu 1512c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.0"
      },
      {
        "model": "sinumerik 840d sl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics g130",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.2"
      },
      {
        "model": "simatic s7-1500t cpu",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.0"
      },
      {
        "model": "sinamics g130",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.2"
      },
      {
        "model": "simatic et 200sp im 155-6 pn\\/3 hf",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.2.1"
      },
      {
        "model": "sinamics dcm",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.5"
      },
      {
        "model": "ek-ertec 200",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic et 200s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic pn\\/pn coupler",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.2.1"
      },
      {
        "model": "simatic s7-1200 cpu 1214c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.4.0"
      },
      {
        "model": "sinamics s150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.2"
      },
      {
        "model": "simatic s7-400 v6",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "6.0.9"
      },
      {
        "model": "sinamics g110m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic s7-300 cpu 315",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3.17"
      },
      {
        "model": "sinumerik 828d",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic et 200ecopn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic et 200sp im 155-6 pn st",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic et 200sp im 155-6 pn\\/2 hf",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.2.2"
      },
      {
        "model": "sinamics s110",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics sl150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic s7-1200 cpu 1212c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.4.0"
      },
      {
        "model": "simatic et 200mp im 155-5 pn hf",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.4.0"
      },
      {
        "model": "simatic s7-300 cpu 313",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3.17"
      },
      {
        "model": "simatic s7-300 cpu 318-2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3.17"
      },
      {
        "model": "simatic s7-300 cpu 312 ifm",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3.17"
      },
      {
        "model": "sinamics s150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.2"
      },
      {
        "model": "simatic et 200pro",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic s7-1200 cpu",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.4.0"
      },
      {
        "model": "sinamics g110m",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic et 200sp im 155-6 pn ba",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic s7-410 v8",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.2.2"
      },
      {
        "model": "simatic et 200mp im 155-5 pn ba",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.3.0"
      },
      {
        "model": "simatic s7-300 cpu 316-2 dp",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3.17"
      },
      {
        "model": "sinamics gm150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic hmi comfort panels 4\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic s7-300 cpu",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3.17"
      },
      {
        "model": "simatic winac rtx \\",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "ek-ertec 200p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.6"
      },
      {
        "model": "simatic et 200m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic s7-300 cpu 314 ifm",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3.17"
      },
      {
        "model": "dk standard ethernet controller",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic s7-1500 cpu 1511c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.0"
      },
      {
        "model": "simatic s7-300 cpu 315-2 dp",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3.17"
      },
      {
        "model": "sinamics g150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.2"
      },
      {
        "model": "sinamics sm120",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s120",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.2"
      },
      {
        "model": "simatic hmi ktp mobile panels",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "ek-ertec 200p",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.6"
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic s7-1500 cpu 1518",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.0"
      },
      {
        "model": "sinamics gm150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic winac rtx \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "sinamics dcp",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.3"
      },
      {
        "model": "sinamics gl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic s7-400 pn v7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic et 200sp im 155-6 pn ha",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic s7-1500s cpu",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.0"
      },
      {
        "model": "simatic s7-400h v6",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "6.0.9"
      },
      {
        "model": "sinamics g120",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic et 200al",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics g150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.2"
      },
      {
        "model": "simatic et 200sp im 155-6 pn hf",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.2.2"
      },
      {
        "model": "simatic et 200mp im 155-5 pn st",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics dcm",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.5"
      },
      {
        "model": "simatic hmi comfort outdoor panels 15\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic s7-1200 cpu 1211c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.4.0"
      },
      {
        "model": "sinamics s120",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.2"
      },
      {
        "model": "simatic s7-1500 cpu",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.0"
      },
      {
        "model": "ek-ertec 200",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ek-ertec 200p p",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cfu pa",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200mp im 155-5 pn ba",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200mp im 155-5 pn hf",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200mp im 155-5 pn st",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1200 cpu family",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ek-ertec",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "200"
      },
      {
        "model": "ek-ertec 200p",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200mp im pn ba",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "155-5\u003c4.2.3"
      },
      {
        "model": "simatic et 200mp im pn hf",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "155-5"
      },
      {
        "model": "simatic et 200mp im pn st",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "155-5"
      },
      {
        "model": "simatic et 200sp im pn ba",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "155-6"
      },
      {
        "model": "simatic et 200sp im pn ha",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "155-6"
      },
      {
        "model": "simatic et 200sp im pn hf",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "155-6\u003c4.2.2"
      },
      {
        "model": "simatic et 200sp im pn hs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "155-6"
      },
      {
        "model": "simatic et 200sp im pn st",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "155-6"
      },
      {
        "model": "simatic et 200sp im pn/2 hf",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "155-6\u003c4.2.2"
      },
      {
        "model": "simatic et 200sp im pn/3 hf",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "155-6\u003c4.2.1"
      },
      {
        "model": "simatic et 200ecopn",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200pro",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\" \u0026 15\"",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi comfort panels 4\" 22\"",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic pn/pn coupler",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu family",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-300 cpu family",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-400 pn/dp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7"
      },
      {
        "model": "simatic s7-400 and below",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v6"
      },
      {
        "model": "simatic s7-400h",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v6\u003c6.0.9"
      },
      {
        "model": "simatic s7-410",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8"
      },
      {
        "model": "simatic winac rtx",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "sinamics dcm",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics dcp",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g110m sp10 hf5",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.7\u003cv4.7"
      },
      {
        "model": "sinamics g120 sp10 hf5",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.7\u003cv4.7"
      },
      {
        "model": "sinamics g130",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.7"
      },
      {
        "model": "sinamics g150",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics gh150",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.7"
      },
      {
        "model": "sinamics gl150",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.7"
      },
      {
        "model": "sinamics gm150",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.7"
      },
      {
        "model": "sinamics s110",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s120",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.7"
      },
      {
        "model": "sinamics s150",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.7"
      },
      {
        "model": "sinamics sm120",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.7"
      },
      {
        "model": "sinumerik 828d sp5",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.8"
      },
      {
        "model": "sinumerik 840d sl",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "dk standard ethernet controller",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200s",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200sp im 155 6 pn ba",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200sp im 155 6 pn ha",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200sp im 155 6 pn hf",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200sp im 155 6 pn hs",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200sp im 155 6 pn st",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200sp im 155 6 pn 2 hf",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200sp im 155 6 pn 3 hf",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200ecopn",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200pro",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ek ertec 200",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi comfort outdoor panels 7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi comfort outdoor panels 15",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi comfort panels 4",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi comfort panels 22",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi ktp mobile panels",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pn pn coupler",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic profinet driver",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1200 cpu",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1200 cpu 1211c",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1200 cpu 1212c",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ek ertec 200p",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1200 cpu 1214c",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500 cpu",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500s cpu",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500t cpu",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500 cpu 1518",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500 cpu 1511c",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500 cpu 1512c",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300 cpu",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300 cpu 312 ifm",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300 cpu 313",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cfu pa",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300 cpu 314",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300 cpu 314 ifm",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300 cpu 315",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300 cpu 315 2 dp",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300 cpu 316 2 dp",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300 cpu 318 2",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 400 pn v7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 400 dp v7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 400 v6",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 400h v6",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200al",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 410 v8",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic winac rtx f 2010",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics dcm",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics dcm",
        "version": "1.5"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics dcp",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g110m",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g120",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g130",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g150",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics gl150",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics gm150",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200m",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s110",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s120",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s150",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics sl150",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics sm120",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinumerik 828d",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinumerik 840d sl",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200mp im 155 5 pn ba",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200mp im 155 5 pn hf",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200mp im 155 5 pn st",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ea2714fa-253a-4380-82d5-35652a5540fb"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36853"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010605"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10936"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:siemens:dk_standard_ethernet_controller_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ek-ertec_200_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ek-ertec_200p_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cfu_pa_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200al_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200m_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200mp_im_155-5_pn_ba_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200mp_im_155-5_pn_hf_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200mp_im_155-5_pn_st_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200s_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010605"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported this vulnerability to CISA.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-639"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-10936",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2019-10936",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2019-36853",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "ea2714fa-253a-4380-82d5-35652a5540fb",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-142532",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2019-10936",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2019-10936",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-10936",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2019-10936",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-10936",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-36853",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201910-639",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "ea2714fa-253a-4380-82d5-35652a5540fb",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-142532",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ea2714fa-253a-4380-82d5-35652a5540fb"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36853"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142532"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010605"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-639"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10936"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10936"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Affected devices improperly handle large amounts of specially crafted UDP packets. \r\n\r\nThis could allow an unauthenticated remote attacker to trigger a denial of service condition. Several Siemens products are vulnerable to resource exhaustion.Denial of service (DoS) May be in a state. Siemens SIMATIC CFU PA and so on are the products of Germany\u0027s Siemens company. Siemens SIMATIC CFU PA is a compact field device. SIMATIC ET 200AL is a distributed I / O system module. SIMATIC ET 200M is a modular I / O system module for control cabinets for high density channel applications. A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions), SIMATIC CFU PA (All versions \u003c V1.2.0), SIMATIC ET 200AL (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP IM 155-5 PN BA (All versions \u003c V4.3.0), SIMATIC ET 200MP IM 155-5 PN HF (All versions), SIMATIC ET 200MP IM 155-5 PN ST (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP IM 155-6 PN BA (All versions), SIMATIC ET 200SP IM 155-6 PN HA (All versions), SIMATIC ET 200SP IM 155-6 PN HF (All versions \u003c V4.2.2), SIMATIC ET 200SP IM 155-6 PN HS (All versions), SIMATIC ET 200SP IM 155-6 PN ST (All versions), SIMATIC ET 200SP IM 155-6 PN/2 HF (All versions \u003c V4.2.2), SIMATIC ET 200SP IM 155-6 PN/3 HF (All versions \u003c V4.2.1), SIMATIC ET 200ecoPN (except 6ES7148-6JD00-0AB0 and 6ES7146-6FF00-0AB0) (All versions), SIMATIC ET 200pro (All versions), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions), SIMATIC HMI Comfort Panels 4\" - 22\" (All versions), SIMATIC HMI KTP Mobile Panels (All versions), SIMATIC PN/PN Coupler (All versions), SIMATIC PROFINET Driver (All versions \u003c V2.1), SIMATIC S7-1200 CPU family (incl. F) (All versions), SIMATIC S7-1500 CPU family (incl. F) (All versions \u003c V2.0), SIMATIC S7-300 CPU family (incl. F) (All versions), SIMATIC S7-400 PN/DP V7 (incl. F) (All versions), SIMATIC S7-400 V6 (incl F) and below (All versions), SIMATIC S7-400H V6 (All versions \u003c V6.0.9), SIMATIC S7-410 V8 (All versions), SIMATIC WinAC RTX (F) 2010 (All versions \u003c SIMATIC WinAC RTX 2010 SP3), SINAMICS DCM (All versions \u003c V1.5 HF1), SINAMICS DCP (All versions), SINAMICS G110M V4.7 (PN Control Unit) (All versions \u003c V4.7 SP10 HF5), SINAMICS G120 V4.7 (PN Control Unit) (All versions \u003c V4.7 SP10 HF5), SINAMICS G130 V4.7 (Control Unit) (All versions \u003c 4.8), SINAMICS G150 (Control Unit) (All versions \u003c 4.8), SINAMICS GH150 V4.7 (Control Unit) (All versions), SINAMICS GL150 V4.7 (Control Unit) (All versions), SINAMICS GM150 V4.7 (Control Unit) (All versions), SINAMICS S110 (Control Unit) (All versions), SINAMICS S120 V4.7 (Control Unit) (All versions), SINAMICS S150 (Control Unit) (All versions \u003c 4.8), SINAMICS SL150 V4.7 (Control Unit) (All versions \u003c V4.7 HF33), SINAMICS SM120 V4.7 (Control Unit) (All versions), SINUMERIK 828D (All versions \u003c V4.8 SP5), SINUMERIK 840D sl (All versions). The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens SIMATIC S7-1500 CPU, etc. SIMATIC S7-1500 CPU is a CPU (central processing unit) module. SIMATIC S7-1500 is a programmable logic controller. SINUMERIK 840D sl is a set of advanced machine tool numerical control system. The following products and versions are affected: Siemens SIMATIC S7-1500 CPU series (including: related ET200 CPUs and SIPLUS variants); SIMATIC S7-1500 Software Controller; SIMATIC TDC CP51M1; SIMATIC TDC CPU555; SINAMICS DCM, etc",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-10936"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010605"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36853"
      },
      {
        "db": "IVD",
        "id": "ea2714fa-253a-4380-82d5-35652a5540fb"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142532"
      }
    ],
    "trust": 2.43
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-10936",
        "trust": 3.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-473245",
        "trust": 1.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-283-02",
        "trust": 1.4
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-639",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36853",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010605",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.3813",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.3813.3",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "EA2714FA-253A-4380-82D5-35652A5540FB",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-142532",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ea2714fa-253a-4380-82d5-35652a5540fb"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36853"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142532"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010605"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-639"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10936"
      }
    ]
  },
  "id": "VAR-201910-1595",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "ea2714fa-253a-4380-82d5-35652a5540fb"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36853"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142532"
      }
    ],
    "trust": 1.6334674204444446
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "ea2714fa-253a-4380-82d5-35652a5540fb"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36853"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:58:29.466000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-473245",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-473245.pdf"
      },
      {
        "title": "Patch for Multiple Siemens Product Denial of Service Vulnerabilities (CNVD-2019-36853)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/186551"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36853"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010605"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-400",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142532"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010605"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10936"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-473245.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-283-02"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10936"
      },
      {
        "trust": 1.2,
        "url": "https://vigilance.fr/vulnerability/simatic-denial-of-service-via-profinet-udp-packets-30562"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-473245.html"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10936"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.3813/"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-19-283-02"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.3813.3/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-36853"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142532"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010605"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-639"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10936"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "ea2714fa-253a-4380-82d5-35652a5540fb"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-36853"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142532"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010605"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-639"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10936"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-23T00:00:00",
        "db": "IVD",
        "id": "ea2714fa-253a-4380-82d5-35652a5540fb"
      },
      {
        "date": "2019-10-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-36853"
      },
      {
        "date": "2019-10-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142532"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-010605"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201910-639"
      },
      {
        "date": "2019-10-10T14:15:14.707000",
        "db": "NVD",
        "id": "CVE-2019-10936"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-36853"
      },
      {
        "date": "2023-01-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142532"
      },
      {
        "date": "2019-11-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-010605"
      },
      {
        "date": "2023-05-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201910-639"
      },
      {
        "date": "2024-11-21T04:20:11.257000",
        "db": "NVD",
        "id": "CVE-2019-10936"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-639"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple Siemens products vulnerable to resource depletion",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010605"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Resource management error",
    "sources": [
      {
        "db": "IVD",
        "id": "ea2714fa-253a-4380-82d5-35652a5540fb"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-639"
      }
    ],
    "trust": 0.8
  }
}

var-201904-0174
Vulnerability from variot

The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected device.

The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. Multiple Siemens products contain input validation vulnerabilities.Service operation interruption (DoS) There is a possibility of being put into a state. SiemensCP, SIAMTIC, SIMOCODE, SINAMICS, SITOP and TIM are all devices manufactured by Siemens. Multiple Siemens products are prone to an unspecified denial-of-service vulnerability. Attackers can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. A vulnerability has been identified in CP1604, CP1616, SIMATIC CP343-1 Advanced, SIMATIC CP443-1, SIMATIC CP443-1 Advanced, SIMATIC CP443-1 OPC UA, SIMATIC ET 200 SP Open Controller CPU 1515SP PC, SIMATIC ET 200 SP Open Controller CPU 1515SP PC2, SIMATIC HMI Comfort Outdoor Panels 7" & 15", SIMATIC HMI Comfort Panels 4" - 22", SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F, SIMATIC IPC DiagMonitor, SIMATIC RF181-EIP, SIMATIC RF182C, SIMATIC RF185C, SIMATIC RF186C, SIMATIC RF188C, SIMATIC RF600R, SIMATIC S7-1500 CPU family, SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU family, SIMATIC S7-400 PN (incl. F) V6 and below, SIMATIC S7-400 PN/DP V7 (incl. F), SIMATIC S7-PLCSIM Advanced, SIMATIC Teleservice Adapter IE Advanced, SIMATIC Teleservice Adapter IE Basic, SIMATIC Teleservice Adapter IE Standard, SIMATIC WinAC RTX (F) 2010, SIMATIC WinCC Runtime Advanced, SIMOCODE pro V EIP, SIMOCODE pro V PN, SINAMICS G130 V4.6 (Control Unit), SINAMICS G130 V4.7 (Control Unit), SINAMICS G130 V4.7 SP1 (Control Unit), SINAMICS G130 V4.8 (Control Unit), SINAMICS G130 V5.1 (Control Unit), SINAMICS G130 V5.1 SP1 (Control Unit), SINAMICS G150 V4.6 (Control Unit), SINAMICS G150 V4.7 (Control Unit), SINAMICS G150 V4.7 SP1 (Control Unit), SINAMICS G150 V4.8 (Control Unit), SINAMICS G150 V5.1 (Control Unit), SINAMICS G150 V5.1 SP1 (Control Unit), SINAMICS GH150 V4.7 (Control Unit), SINAMICS GH150 V4.8 (Control Unit), SINAMICS GL150 V4.7 (Control Unit), SINAMICS GL150 V4.8 (Control Unit), SINAMICS GM150 V4.7 (Control Unit), SINAMICS GM150 V4.8 (Control Unit), SINAMICS S120 V4.6 (Control Unit), SINAMICS S120 V4.7 (Control Unit), SINAMICS S120 V4.7 SP1 (Control Unit), SINAMICS S120 V4.8 (Control Unit), SINAMICS S120 V5.1 (Control Unit), SINAMICS S120 V5.1 SP1 (Control Unit), SINAMICS S150 V4.6 (Control Unit), SINAMICS S150 V4.7 (Control Unit), SINAMICS S150 V4.7 SP1 (Control Unit), SINAMICS S150 V4.8 (Control Unit), SINAMICS S150 V5.1 (Control Unit), SINAMICS S150 V5.1 SP1 (Control Unit), SINAMICS S210 V5.1 (Control Unit), SINAMICS S210 V5.1 SP1 (Control Unit), SINAMICS SL150 V4.7 (Control Unit), SINAMICS SL150 V4.8 (Control Unit), SINAMICS SM120 V4.7 (Control Unit), SINAMICS SM120 V4.8 (Control Unit), SINAMICS SM150 V4.8 (Control Unit), SITOP Manager, SITOP PSU8600, SITOP UPS1600, TIM 1531 IRC. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens SIMATIC S7-1500 CPU, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 CPU is a CPU (central processing unit) module. CP1616 is a communications processor. SIMATIC S7-1500 is a programmable logic controller. The vulnerability stems from the failure of the network system or product to properly validate the input data

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201904-0174",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "sinamics s210",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "sinamics s150",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics sm120",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic s7-plcsim advanced",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.0"
      },
      {
        "model": "simatic ipc diagmonitor",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.1.3"
      },
      {
        "model": "simatic s7-1500s",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.6.1"
      },
      {
        "model": "sinamics gh150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics gl150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic s7-400 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simocode pro v pn",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1.3"
      },
      {
        "model": "sinamics gm150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic s7-1500",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.6.1"
      },
      {
        "model": "simatic cp443-1 advanced",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sitop manager",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.1"
      },
      {
        "model": "sinamics sm120",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic et 200 sp open controller cpu 1515sp pc2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.7"
      },
      {
        "model": "sinamics g130",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.2"
      },
      {
        "model": "cp1604",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic winac rtx",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "sinamics s120",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.2"
      },
      {
        "model": "sitop psu8600",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.5"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic cp443-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simocode pro v eip",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.1.3"
      },
      {
        "model": "simatic s7-plcsim advanced",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.0"
      },
      {
        "model": "simatic s7-400 pn\\/dp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sitop ups1600",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "simatic s7-1500 software controller",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.7"
      },
      {
        "model": "sinamics sm150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "simatic rf182c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic rf600r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.2.1"
      },
      {
        "model": "cp1616",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic teleservice adapter ie standard",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic rf185c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.1.0"
      },
      {
        "model": "simatic rf186c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.1.0"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic teleservice adapter ie basic",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics gm150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic s7-1500t",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.6.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic s7-300",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3.17"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics gh150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic rf188c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.1.0"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics gl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic et 200 sp open controller cpu 1515sp pc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1.6"
      },
      {
        "model": "sinamics g150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.2"
      },
      {
        "model": "sinamics s150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "simatic winac rtx",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "sinamics sl150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic cp443-1 opc ua",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics sm150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic rf181-eip",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "tim 1531 irc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1"
      },
      {
        "model": "simatic s7-1500f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.6.1"
      },
      {
        "model": "simatic cp343-1 advanced",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics s210",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "simatic teleservice adapter ie advanced",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1604",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1616",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 343-1 advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 443-1 adv",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 443-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200 sp open controller cpu 1515sp pc",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200 sp open controller cpu 1515sp pc2",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf185c",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "sinamics s150",
        "version": "5.1"
      },
      {
        "model": "simatic winac rtx sp2 all",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "simatic s7-300 cpu family all",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-400 pn/dp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7"
      },
      {
        "model": "simatic s7-1500 software controller",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s120",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g130 and g150",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf182c",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp443-1 opc ua",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic ipc diagmonitor",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf188c",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf600r",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "cp1604",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "cp1616",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et sp open controller cpu 1515sp pc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "200\u003cv2.1.6"
      },
      {
        "model": "simatic hmi comfort panels 4\" 22\"",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi ktp mobile panels",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu family",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-400 pn",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v6"
      },
      {
        "model": "sinamics s150",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s210",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v5.1"
      },
      {
        "model": "sinamics s210 sp1",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v5.1"
      },
      {
        "model": "tim irc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1531"
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\" \u0026 15\"",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf181-eip",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf186c",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-plcsim advanced",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic teleservice adapter ie advanced",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic teleservice adapter ie basic",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic teleservice adapter ie standard",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simocode pro eip",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v"
      },
      {
        "model": "simocode pro pn",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v"
      },
      {
        "model": "sitop manager",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sitop psu8600",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sitop ups1600",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siamtic rf185c",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp343-1 advanced",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp443-1",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp443-1 advanced",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et sp open controller cpu 1515sp pc2",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "200"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "sinamics s210",
        "version": "5.1"
      },
      {
        "model": "tim irc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15310"
      },
      {
        "model": "sitop ups1600",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sitop psu8600",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sitop manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinamics s210 sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "sinamics s150 sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "sinamics s150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics s150 sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics s150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics s150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.6"
      },
      {
        "model": "sinamics s120 sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "sinamics s120",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "sinamics s120",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics s120 sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics s120",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics s120",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.6"
      },
      {
        "model": "sinamics g150 sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "sinamics g150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "sinamics g150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics g150 sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics g150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics g150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.6"
      },
      {
        "model": "sinamics g130 sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "sinamics g130",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "sinamics g130",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics g130 sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics g130",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics g130",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.6"
      },
      {
        "model": "simocode pro pn",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v0"
      },
      {
        "model": "simocode pro eip",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v0"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic winac rtx",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "20100"
      },
      {
        "model": "simatic teleservice adapter ie standard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic teleservice adapter ie basic",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic teleservice adapter ie advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-plcsim advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-400 pn/dp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7"
      },
      {
        "model": "simatic s7-400 pn",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v60"
      },
      {
        "model": "simatic s7-300 cpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-1500 software controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-1500 cpu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic rf600r",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic rf188c",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic rf186c",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic rf185c",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic rf182c",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic ipc diagmonitor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi ktp900f mobile",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi ktp900 mobile",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi ktp700f mobile",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi ktp700 mobile",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi ktp400f mobile",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi ktp mobile panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic et200 open controller cpu 1515sp pc2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic et200 open controller cpu 1515sp pc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic cp opc ua",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "443-10"
      },
      {
        "model": "simatic cp advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "443-10"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "443-10"
      },
      {
        "model": "simatic cp advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "343-10"
      },
      {
        "model": "rfid 181-eip",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "16160"
      },
      {
        "model": "cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "16040"
      },
      {
        "model": "sinamics s150 sp1 hf4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "sinamics s150 hf6",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics s120 sp1 hf4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "sinamics s120 hf6",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics g150 sp1 hf4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "sinamics g150 hf6",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics g130 sp1 hf4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "5.1"
      },
      {
        "model": "sinamics g130 hf6",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic s7-300 cpu",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "v3.x.16"
      },
      {
        "model": "simatic et200 open controller cpu 1515sp pc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2.1.6"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "cp1604",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi comfort panels",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi ktp mobile panels ktp400f",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi ktp mobile panels ktp700",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi ktp mobile panels ktp700f",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi ktp mobile panels ktp900",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi ktp mobile panels ktp900f",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp443 1 opc ua",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic ipc diagmonitor",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500 controller",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 plcsim advanced",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc runtime advanced",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sitop manager",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic rf600r",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic rf188c",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic rf186c",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "cp1616",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic rf182c",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic rf181 eip",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 400 pn",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 400 pn dp",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic teleservice adapter ie advanced",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic teleservice adapter ie basic",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic teleservice adapter ie standard",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic winac rtx 2010",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic rf185c",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simocode pro v eip",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simocode pro v pn",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g130",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g150",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s120",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s150",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s210",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sitop psu8600",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sitop ups1600",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "tim 1531 irc",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp343 1 advanced",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500f",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500s",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500t",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp443 1",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp443 1 advanced",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200 sp open controller cpu 1515sp pc",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200 sp open controller cpu 1515sp pc2",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi comfort outdoor panels",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-12904"
      },
      {
        "db": "BID",
        "id": "107842"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003541"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6568"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1604_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1616_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp343-1_advanced_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_adv_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_outdoor_panels_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_rf185c_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003541"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported this vulnerability to NCCIC.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-458"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-6568",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2019-6568",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2019-12904",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-158003",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2019-6568",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2019-6568",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-6568",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2019-6568",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-6568",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-12904",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201904-458",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-158003",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-12904"
      },
      {
        "db": "VULHUB",
        "id": "VHN-158003"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003541"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-458"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6568"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6568"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The webserver of the affected devices contains a vulnerability that may lead to\r\na denial of service condition. An attacker may cause a denial of service\r\nsituation which leads to a restart of the webserver of the affected device. \r\n\r\nThe security vulnerability could be exploited by an attacker with network\r\naccess to the affected systems. Successful exploitation requires no system\r\nprivileges and no user interaction. An attacker could use the vulnerability\r\nto compromise availability of the device. Multiple Siemens products contain input validation vulnerabilities.Service operation interruption (DoS) There is a possibility of being put into a state. SiemensCP, SIAMTIC, SIMOCODE, SINAMICS, SITOP and TIM are all devices manufactured by Siemens. Multiple Siemens products are prone to an unspecified denial-of-service vulnerability. \nAttackers can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. A vulnerability has been identified in CP1604, CP1616, SIMATIC CP343-1 Advanced, SIMATIC CP443-1, SIMATIC CP443-1 Advanced, SIMATIC CP443-1 OPC UA, SIMATIC ET 200 SP Open Controller CPU 1515SP PC, SIMATIC ET 200 SP Open Controller CPU 1515SP PC2, SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\", SIMATIC HMI Comfort Panels 4\" - 22\", SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F, SIMATIC IPC DiagMonitor, SIMATIC RF181-EIP, SIMATIC RF182C, SIMATIC RF185C, SIMATIC RF186C, SIMATIC RF188C, SIMATIC RF600R, SIMATIC S7-1500 CPU family, SIMATIC S7-1500 Software Controller, SIMATIC S7-300 CPU family, SIMATIC S7-400 PN (incl. F) V6 and below, SIMATIC S7-400 PN/DP V7 (incl. F), SIMATIC S7-PLCSIM Advanced, SIMATIC Teleservice Adapter IE Advanced, SIMATIC Teleservice Adapter IE Basic, SIMATIC Teleservice Adapter IE Standard, SIMATIC WinAC RTX (F) 2010, SIMATIC WinCC Runtime Advanced, SIMOCODE pro V EIP, SIMOCODE pro V PN, SINAMICS G130 V4.6 (Control Unit), SINAMICS G130 V4.7 (Control Unit), SINAMICS G130 V4.7 SP1 (Control Unit), SINAMICS G130 V4.8 (Control Unit), SINAMICS G130 V5.1 (Control Unit), SINAMICS G130 V5.1 SP1 (Control Unit), SINAMICS G150 V4.6 (Control Unit), SINAMICS G150 V4.7 (Control Unit), SINAMICS G150 V4.7 SP1 (Control Unit), SINAMICS G150 V4.8 (Control Unit), SINAMICS G150 V5.1 (Control Unit), SINAMICS G150 V5.1 SP1 (Control Unit), SINAMICS GH150 V4.7 (Control Unit), SINAMICS GH150 V4.8 (Control Unit), SINAMICS GL150 V4.7 (Control Unit), SINAMICS GL150 V4.8 (Control Unit), SINAMICS GM150 V4.7 (Control Unit), SINAMICS GM150 V4.8 (Control Unit), SINAMICS S120 V4.6 (Control Unit), SINAMICS S120 V4.7 (Control Unit), SINAMICS S120 V4.7 SP1 (Control Unit), SINAMICS S120 V4.8 (Control Unit), SINAMICS S120 V5.1 (Control Unit), SINAMICS S120 V5.1 SP1 (Control Unit), SINAMICS S150 V4.6 (Control Unit), SINAMICS S150 V4.7 (Control Unit), SINAMICS S150 V4.7 SP1 (Control Unit), SINAMICS S150 V4.8 (Control Unit), SINAMICS S150 V5.1 (Control Unit), SINAMICS S150 V5.1 SP1 (Control Unit), SINAMICS S210 V5.1 (Control Unit), SINAMICS S210 V5.1 SP1 (Control Unit), SINAMICS SL150 V4.7 (Control Unit), SINAMICS SL150 V4.8 (Control Unit), SINAMICS SM120 V4.7 (Control Unit), SINAMICS SM120 V4.8 (Control Unit), SINAMICS SM150 V4.8 (Control Unit), SITOP Manager, SITOP PSU8600, SITOP UPS1600, TIM 1531 IRC. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens SIMATIC S7-1500 CPU, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 CPU is a CPU (central processing unit) module. CP1616 is a communications processor. SIMATIC S7-1500 is a programmable logic controller. The vulnerability stems from the failure of the network system or product to properly validate the input data",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-6568"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003541"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-12904"
      },
      {
        "db": "BID",
        "id": "107842"
      },
      {
        "db": "IVD",
        "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12"
      },
      {
        "db": "VULHUB",
        "id": "VHN-158003"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-6568",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-099-06",
        "trust": 2.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-480230",
        "trust": 2.0
      },
      {
        "db": "SIEMENS",
        "id": "SSA-530931",
        "trust": 1.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-227-04",
        "trust": 1.4
      },
      {
        "db": "BID",
        "id": "107842",
        "trust": 1.0
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-458",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-12904",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003541",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.3150",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1204.2",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "A397CC8B-EE17-4FAF-8447-E9EE5F57DD12",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-158003",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-12904"
      },
      {
        "db": "VULHUB",
        "id": "VHN-158003"
      },
      {
        "db": "BID",
        "id": "107842"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003541"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-458"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6568"
      }
    ]
  },
  "id": "VAR-201904-0174",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-12904"
      },
      {
        "db": "VULHUB",
        "id": "VHN-158003"
      }
    ],
    "trust": 1.5998432480392157
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS",
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      },
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-12904"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:25:58.024000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-480230",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
      },
      {
        "title": "SSA-530931",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf"
      },
      {
        "title": "Patches for multiple Siemens product denial of service vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/160237"
      },
      {
        "title": "Multiple Siemens Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=91286"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-12904"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003541"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-458"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-125",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-20",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158003"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003541"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6568"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-099-06"
      },
      {
        "trust": 2.0,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-227-04"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-6568"
      },
      {
        "trust": 0.9,
        "url": "http://subscriber.communications.siemens.com/"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6568"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.3150/"
      },
      {
        "trust": 0.6,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-099-06"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-19-099-06"
      },
      {
        "trust": 0.6,
        "url": "https://www.securityfocus.com/bid/107842"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/siemens-simatic-denial-of-service-via-webserver-28976"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/78710"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-12904"
      },
      {
        "db": "VULHUB",
        "id": "VHN-158003"
      },
      {
        "db": "BID",
        "id": "107842"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003541"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-458"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6568"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-12904"
      },
      {
        "db": "VULHUB",
        "id": "VHN-158003"
      },
      {
        "db": "BID",
        "id": "107842"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003541"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-458"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6568"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-05T00:00:00",
        "db": "IVD",
        "id": "a397cc8b-ee17-4faf-8447-e9ee5f57dd12"
      },
      {
        "date": "2019-05-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-12904"
      },
      {
        "date": "2019-04-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-158003"
      },
      {
        "date": "2019-04-09T00:00:00",
        "db": "BID",
        "id": "107842"
      },
      {
        "date": "2019-05-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-003541"
      },
      {
        "date": "2019-04-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201904-458"
      },
      {
        "date": "2019-04-17T14:29:03.683000",
        "db": "NVD",
        "id": "CVE-2019-6568"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-12904"
      },
      {
        "date": "2023-01-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-158003"
      },
      {
        "date": "2019-04-09T00:00:00",
        "db": "BID",
        "id": "107842"
      },
      {
        "date": "2019-08-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-003541"
      },
      {
        "date": "2023-04-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201904-458"
      },
      {
        "date": "2024-11-21T04:46:42.773000",
        "db": "NVD",
        "id": "CVE-2019-6568"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-458"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vulnerability related to input validation in multiple Siemens products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003541"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-458"
      }
    ],
    "trust": 0.6
  }
}

var-201910-1596
Vulnerability from variot

An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation. Multiple Siemens products are vulnerable to resource exhaustion.Service operation interruption (DoS) There is a possibility of being put into a state. The Siemens SIMATIC S7-300 CPU is a modular universal controller for the manufacturing industry from Siemens. The products in the Siemens SIMATIC S7-400 CPU family have been designed for process control in industrial environments. SIMATIC WinAC RTX (F) 2010 is a simatic software controller for PC-based automation solutions. Siemens SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) or human machine interfaces (HMIs).

A denial of service vulnerability exists in several Siemens products. A vulnerability has been identified in CP1604 (All versions < V2.8), CP1616 (All versions < V2.8), Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions < V4.1.1 Patch 05), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions < V4.5.0 Patch 01), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions < V4.5.0), SCALANCE X-200IRT (All versions < V5.2.1), SIMATIC ET 200M (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200ecoPN (except 6ES7148-6JD00-0AB0 and 6ES7146-6FF00-0AB0) (All versions), SIMATIC ET 200pro (All versions), SIMATIC PN/PN Coupler 6ES7158-3AD01-0XA0 (All versions), SIMATIC S7-300 CPU family (incl. F) (All versions), SIMATIC S7-400 (incl. F) V6 and below (All versions), SIMATIC S7-400 PN/DP V7 (incl. F) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions < SIMATIC WinAC RTX 2010 SP3), SIMOTION (All versions), SINAMICS DCM (All versions < V1.5 HF1), SINAMICS DCP (All versions), SINAMICS G110M V4.7 (Control Unit) (All versions < V4.7 SP10 HF5), SINAMICS G120 V4.7 (Control Unit) (All versions < V4.7 SP10 HF5), SINAMICS G130 V4.7 (Control Unit) (All versions < V4.7 HF29), SINAMICS G150 (Control Unit) (All versions < V4.8), SINAMICS GH150 V4.7 (Control Unit) (All versions), SINAMICS GL150 V4.7 (Control Unit) (All versions), SINAMICS GM150 V4.7 (Control Unit) (All versions), SINAMICS S110 (Control Unit) (All versions), SINAMICS S120 V4.7 (Control Unit and CBE20) (All versions < V4.7 HF34), SINAMICS S150 (Control Unit) (All versions < V4.8), SINAMICS SL150 V4.7 (Control Unit) (All versions), SINAMICS SM120 V4.7 (Control Unit) (All versions), SINUMERIK 828D (All versions < V4.8 SP5), SINUMERIK 840D sl (All versions). No user interaction is required to exploit this security vulnerability. The vulnerability impacts the availability of the affected installations. Siemens CP1616, etc. are all products of Siemens (Siemens) in Germany. CP1616 is a communications processor. SINUMERIK 840D sl is a set of advanced machine tool numerical control system. SCALANCE X-200IRT is an industrial Ethernet switch. The following products and versions are affected: Siemens SIMATIC NET CP 1616 before V2.8; SINUMERIK 840D sl (all versions); SCALANCE X-200IRT series (including SIPLUS NET variants) before V5.2.1; SIMATIC ET200S (including SIPLUS variants) (full version) etc

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201910-1596",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic et 200m",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200s",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200ecopn",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic pn/pn coupler 6es7158-3ad01-0xa0",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sinumerik 828d",
        "version": "4.8"
      },
      {
        "model": "simatic s7-300 cpu 312 ifm",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3.17"
      },
      {
        "model": "dk standard ethernet controller",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.1"
      },
      {
        "model": "simatic s7-400 dp v7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics g110m",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics gh150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic s7-300 cpu 314",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3.17"
      },
      {
        "model": "simatic s7-300 cpu 313",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3.17"
      },
      {
        "model": "simatic s7-300 cpu 316-2 dp",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3.17"
      },
      {
        "model": "sinamics gl150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics gm150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "cp1604",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.8"
      },
      {
        "model": "sinamics g120",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinumerik 828d",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics g130",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic s7-300 cpu",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3.17"
      },
      {
        "model": "sinamics s120",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic pn\\/pn coupler 6es7158-3ad01-0xa0",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic winac rtx \\",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "sinumerik 840d sl",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "ek-ertec 200",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5.0"
      },
      {
        "model": "simatic et 200m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic s7-300 cpu 314 ifm",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3.17"
      },
      {
        "model": "simatic s7-400 v6",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance x-200irt",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.2.1"
      },
      {
        "model": "simatic s7-300 cpu 315-2 dp",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3.17"
      },
      {
        "model": "sinamics dcm",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.5"
      },
      {
        "model": "cp1616",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.8"
      },
      {
        "model": "simatic et 200s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "dk standard ethernet controller",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.1"
      },
      {
        "model": "sinamics gm150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "ek-ertec 200p",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5.0"
      },
      {
        "model": "sinamics g110m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics sm120",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic s7-300 cpu 315",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3.17"
      },
      {
        "model": "sinamics g150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics gh150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinumerik 828d",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simotion",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic winac rtx \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "simatic et 200ecopn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "ek-ertec 200",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5.0"
      },
      {
        "model": "sinamics dcp",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.3"
      },
      {
        "model": "sinamics gl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic s7-400 pn v7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics s110",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics g120",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics sl150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics g130",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics s120",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics dcm",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.5"
      },
      {
        "model": "sinamics s150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic s7-300 cpu 318-2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3.17"
      },
      {
        "model": "cp1604",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "cp1616",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "dk standard ethernet controller",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ek-ertec 200",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ek-ertec 200p p",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance x-200irt",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200pro",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics dcp",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinumerik 840d sl",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "cp1604",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v2.8"
      },
      {
        "model": "cp1616",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v2.8"
      },
      {
        "model": "dk standard ethernet controller patch",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.1.105"
      },
      {
        "model": "ek-ertec 200p patch",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.5.001"
      },
      {
        "model": "ek-ertec 200p",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.5.0"
      },
      {
        "model": "scalance x-200irt",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v5.2.1"
      },
      {
        "model": "simatic s7-300 cpu family",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-400 and below",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v6"
      },
      {
        "model": "simatic winac rtx",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "simatic s7-400 pn/dp",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7"
      },
      {
        "model": "sinamics dcm hf1",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v1.5"
      },
      {
        "model": "sinumerik 828d sp5",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.8"
      },
      {
        "model": "sinamics g110m sp10 hf5",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.7\u003cv4.7"
      },
      {
        "model": "sinamics g120 sp10 hf5",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.7\u003cv4.7"
      },
      {
        "model": "sinamics g130 hf29",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.7\u003cv4.7"
      },
      {
        "model": "sinamics g150",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.8"
      },
      {
        "model": "sinamics gh150",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.7"
      },
      {
        "model": "sinamics gl150",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.7"
      },
      {
        "model": "sinamics gm150",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.7"
      },
      {
        "model": "sinamics s110",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s120 hf34",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.7\u003cv4.7"
      },
      {
        "model": "sinamics s150",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.8"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.7"
      },
      {
        "model": "sinamics sm120",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v4.7"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "dk standard ethernet controller",
        "version": "4.1.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "cp1604",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pn pn coupler 6es7158 3ad01 0xa0",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300 cpu",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300 cpu 312 ifm",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300 cpu 313",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300 cpu 314",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300 cpu 314 ifm",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300 cpu 315",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300 cpu 315 2 dp",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300 cpu 316 2 dp",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300 cpu 318 2",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "cp1616",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 400 v6",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 400 pn v7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 400 dp v7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic winac rtx f 2010",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simotion",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics dcm",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics dcm",
        "version": "1.5"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics dcp",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g110m",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g110m",
        "version": "4.7"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g120",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g120",
        "version": "4.7"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g130",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g130",
        "version": "4.7"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "dk standard ethernet controller",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g150",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics gh150",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics gl150",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics gm150",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s110",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s120",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s120",
        "version": "4.7"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s150",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics sl150",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics sm120",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinumerik 828d",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ek ertec 200",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ek ertec 200",
        "version": "4.5.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinumerik 840d sl",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ek ertec 200p",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance x 200irt",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200m",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200s",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200ecopn",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b7de1c6d-2642-4df7-860f-bfe6735515f5"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-41280"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010610"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10923"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:siemens:cp1604_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:cp1616_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:dk_standard_ethernet_controller_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ek-ertec_200_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ek-ertec_200p_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_x-200irt_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200ecopn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200m_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200s_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_pn%2fpn_coupler_6es7158-3ad01-0xa0_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010610"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported this vulnerability to CISA. Artem Zinenko of Kaspersky reported to Siemens that SIPLUS is also affected.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-565"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-10923",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2019-10923",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2019-41280",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "b7de1c6d-2642-4df7-860f-bfe6735515f5",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-142518",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2019-10923",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2019-10923",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-10923",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2019-10923",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-10923",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-41280",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201910-565",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "b7de1c6d-2642-4df7-860f-bfe6735515f5",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-142518",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b7de1c6d-2642-4df7-860f-bfe6735515f5"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-41280"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142518"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010610"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-565"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10923"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10923"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization (IRT) of the affected installation. Multiple Siemens products are vulnerable to resource exhaustion.Service operation interruption (DoS) There is a possibility of being put into a state. The Siemens SIMATIC S7-300 CPU is a modular universal controller for the manufacturing industry from Siemens. The products in the Siemens SIMATIC S7-400 CPU family have been designed for process control in industrial environments. SIMATIC WinAC RTX (F) 2010 is a simatic software controller for PC-based automation solutions. Siemens SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) or human machine interfaces (HMIs). \n\nA denial of service vulnerability exists in several Siemens products. A vulnerability has been identified in CP1604 (All versions \u003c V2.8), CP1616 (All versions \u003c V2.8), Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions \u003c V4.1.1 Patch 05), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions \u003c V4.5.0 Patch 01), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All versions \u003c V4.5.0), SCALANCE X-200IRT (All versions \u003c V5.2.1), SIMATIC ET 200M (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200ecoPN (except 6ES7148-6JD00-0AB0 and 6ES7146-6FF00-0AB0) (All versions), SIMATIC ET 200pro (All versions), SIMATIC PN/PN Coupler 6ES7158-3AD01-0XA0 (All versions), SIMATIC S7-300 CPU family (incl. F) (All versions), SIMATIC S7-400 (incl. F) V6 and below (All versions), SIMATIC S7-400 PN/DP V7 (incl. F) (All versions), SIMATIC WinAC RTX (F) 2010 (All versions \u003c SIMATIC WinAC RTX 2010 SP3), SIMOTION (All versions), SINAMICS DCM (All versions \u003c V1.5 HF1), SINAMICS DCP (All versions), SINAMICS G110M V4.7 (Control Unit) (All versions \u003c V4.7 SP10 HF5), SINAMICS G120 V4.7 (Control Unit) (All versions \u003c V4.7 SP10 HF5), SINAMICS G130 V4.7 (Control Unit) (All versions \u003c V4.7 HF29), SINAMICS G150 (Control Unit) (All versions \u003c V4.8), SINAMICS GH150 V4.7 (Control Unit) (All versions), SINAMICS GL150 V4.7 (Control Unit) (All versions), SINAMICS GM150 V4.7 (Control Unit) (All versions), SINAMICS S110 (Control Unit) (All versions), SINAMICS S120 V4.7 (Control Unit and CBE20) (All versions \u003c V4.7 HF34), SINAMICS S150 (Control Unit) (All versions \u003c V4.8), SINAMICS SL150 V4.7 (Control Unit) (All versions), SINAMICS SM120 V4.7 (Control Unit) (All versions), SINUMERIK 828D (All versions \u003c V4.8 SP5), SINUMERIK 840D sl (All versions). No user interaction is required to exploit this security vulnerability. The vulnerability impacts the availability of the affected installations. Siemens CP1616, etc. are all products of Siemens (Siemens) in Germany. CP1616 is a communications processor. SINUMERIK 840D sl is a set of advanced machine tool numerical control system. SCALANCE X-200IRT is an industrial Ethernet switch. The following products and versions are affected: Siemens SIMATIC NET CP 1616 before V2.8; SINUMERIK 840D sl (all versions); SCALANCE X-200IRT series (including SIPLUS NET variants) before V5.2.1; SIMATIC ET200S (including SIPLUS variants) (full version) etc",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-10923"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010610"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-41280"
      },
      {
        "db": "IVD",
        "id": "b7de1c6d-2642-4df7-860f-bfe6735515f5"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142518"
      }
    ],
    "trust": 2.43
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-10923",
        "trust": 3.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-349422",
        "trust": 2.3
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-283-01",
        "trust": 1.4
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-565",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-41280",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010610",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.3812",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.3812.2",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "B7DE1C6D-2642-4DF7-860F-BFE6735515F5",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-142518",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b7de1c6d-2642-4df7-860f-bfe6735515f5"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-41280"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142518"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010610"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-565"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10923"
      }
    ]
  },
  "id": "VAR-201910-1596",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "b7de1c6d-2642-4df7-860f-bfe6735515f5"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-41280"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142518"
      }
    ],
    "trust": 1.6269844772727273
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b7de1c6d-2642-4df7-860f-bfe6735515f5"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-41280"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:41:18.618000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-349422",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-349422.pdf"
      },
      {
        "title": "Patch for Multiple Siemens Product Denial of Service Vulnerabilities (CNVD-2019-41280)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/184335"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-41280"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010610"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-400",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142518"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010610"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10923"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-349422.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-283-01"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10923"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-349422.html"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10923"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.3812/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.3812.2/"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/simatic-denial-of-service-via-irt-30559"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-19-283-01"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-41280"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142518"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010610"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-565"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10923"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "b7de1c6d-2642-4df7-860f-bfe6735515f5"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-41280"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142518"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010610"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-565"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10923"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-11-19T00:00:00",
        "db": "IVD",
        "id": "b7de1c6d-2642-4df7-860f-bfe6735515f5"
      },
      {
        "date": "2019-10-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-41280"
      },
      {
        "date": "2019-10-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142518"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-010610"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201910-565"
      },
      {
        "date": "2019-10-10T14:15:14.503000",
        "db": "NVD",
        "id": "CVE-2019-10923"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-11-19T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-41280"
      },
      {
        "date": "2023-01-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142518"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-010610"
      },
      {
        "date": "2023-05-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201910-565"
      },
      {
        "date": "2024-11-21T04:20:09.600000",
        "db": "NVD",
        "id": "CVE-2019-10923"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-565"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vulnerability related to resource depletion in multiple Siemens products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-010610"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Resource management error",
    "sources": [
      {
        "db": "IVD",
        "id": "b7de1c6d-2642-4df7-860f-bfe6735515f5"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201910-565"
      }
    ],
    "trust": 0.8
  }
}

var-202105-0689
Vulnerability from variot

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition. Multiple Siemens products are vulnerable to resource allocation without restrictions or throttling.Denial of service (DoS) It may be put into a state. Siemens SmartVNC is an industrial control equipment of Germany's Siemens (Siemens) company. Provides a function to access the smartserver in the HMI.

SmartVNC has a buffer overflow vulnerability. No detailed vulnerability details are currently provided. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202105-0689",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels 15\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort outdoor panels 15\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort panels 4\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "sinamics gm150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort panels 22\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort panels 4\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "sinamics sm150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort panels 22\\\"",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels 15\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "sinamics sm150i",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort panels 4\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels 15\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics gh150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort panels 4\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics gl150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort panels 22\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics sm120",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic hmi comfort panels 22\\\"",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinamics sh150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics sh150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics sl150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics sm120",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics sm150i",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic hmi comfort outdoor panels 7\"",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics gh150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics sm150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics gl150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "sinamics gm150",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "smartvnc",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37595"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006948"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27383"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported these vulnerabilities to CISA.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-550"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2021-27383",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2021-27383",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2021-37595",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-27383",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2021-27383",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-27383",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2021-27383",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2021-37595",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202104-975",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202105-550",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-27383",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37595"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27383"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006948"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-550"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27383"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition. Multiple Siemens products are vulnerable to resource allocation without restrictions or throttling.Denial of service (DoS) It may be put into a state. Siemens SmartVNC is an industrial control equipment of Germany\u0027s Siemens (Siemens) company. Provides a function to access the smartserver in the HMI. \n\r\n\r\nSmartVNC has a buffer overflow vulnerability. No detailed vulnerability details are currently provided. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-27383"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006948"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-37595"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27383"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-27383",
        "trust": 3.9
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-131-12",
        "trust": 2.5
      },
      {
        "db": "SIEMENS",
        "id": "SSA-286838",
        "trust": 1.7
      },
      {
        "db": "SIEMENS",
        "id": "SSA-538778",
        "trust": 1.7
      },
      {
        "db": "JVN",
        "id": "JVNVU91051134",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006948",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2021-37595",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021041363",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2021051206",
        "trust": 0.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-21-131-04",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-550",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27383",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37595"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27383"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006948"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-550"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27383"
      }
    ]
  },
  "id": "VAR-202105-0689",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37595"
      }
    ],
    "trust": 1.205898611111111
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37595"
      }
    ]
  },
  "last_update_date": "2024-08-14T12:12:16.353000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-286838 Siemens\u00a0Security\u00a0Advisory",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
      },
      {
        "title": "Patch for Siemens SmartVNC buffer overflow vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/268266"
      },
      {
        "title": "Siemens SmartVNC Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=151560"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=43c9c77785b8d29daef02185f41ca476"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=9465a8ef1f8c1b0042244cb02cfe271e"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37595"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27383"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006948"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-550"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-770",
        "trust": 1.0
      },
      {
        "problemtype": "Allocation of resources without limits or throttling (CWE-770) [NVD Evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006948"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27383"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-27383"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu91051134/"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-131-12"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021051206"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-04"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/smartvnc-multiple-vulnerabilities-35360"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/770.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-286838.txt"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37595"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27383"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006948"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-550"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27383"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2021-37595"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-27383"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006948"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-550"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-27383"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-05-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-37595"
      },
      {
        "date": "2021-05-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-27383"
      },
      {
        "date": "2022-01-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-006948"
      },
      {
        "date": "2021-04-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-05-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202105-550"
      },
      {
        "date": "2021-05-12T14:15:11.633000",
        "db": "NVD",
        "id": "CVE-2021-27383"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-09-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2021-37595"
      },
      {
        "date": "2021-12-16T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-27383"
      },
      {
        "date": "2022-01-26T07:30:00",
        "db": "JVNDB",
        "id": "JVNDB-2021-006948"
      },
      {
        "date": "2021-04-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      },
      {
        "date": "2021-10-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202105-550"
      },
      {
        "date": "2021-12-16T18:29:27.357000",
        "db": "NVD",
        "id": "CVE-2021-27383"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202105-550"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vulnerability in resource allocation without limits or throttling in multiple Siemens products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2021-006948"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202104-975"
      }
    ],
    "trust": 0.6
  }
}

var-201705-3221
Vulnerability from variot

Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. SIMATIC HMI is an industrial device from Siemens AG, Germany. The SIMATIC HMI panels are used for operator control and monitoring of machines and equipment. Multiple Siemens Products is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause a denial-of-service condition. Manual restart of the server is required to resume normal operation. A vulnerability has been identified in SIMATIC CP 343-1 Std (All versions), SIMATIC CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std (All versions < V3.2.17), SIMATIC CP 443-1 Adv (All versions < V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions < V2.1.82), SIMATIC CP 1243-1 IRC (All versions < V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions < V2.0), SIMATIC CM 1542SP-1 (All versions < V1.0.15), SIMATIC CP 1542SP-1 IRC (All versions < V1.0.15), SIMATIC CP 1543SP-1 (All versions < V1.0.15), SIMATIC CP 1543-1 (All versions < V2.1), SIMATIC RF650R (All versions < V3.0), SIMATIC RF680R (All versions < V3.0), SIMATIC RF685R (All versions < V3.0), SIMATIC CP 1616 (All versions < V2.7), SIMATIC CP 1604 (All versions < V2.7), SIMATIC DK-16xx PN IO (All versions < V2.7), SCALANCE X-200 (All versions < V5.2.2), SCALANCE X-200 IRT (All versions), SCALANCE X-300/X408 (All versions < V4.1.0), SCALANCE X414 (All versions < V3.10.2), SCALANCE XM400 (All versions < V6.1), SCALANCE XR500 (All versions < V6.1), SCALANCE W700 (All versions < V6.1), SCALANCE M-800, S615 (All versions < V4.03), Softnet PROFINET IO for PC-based Windows systems (All versions < V14 SP1), IE/PB-Link (All versions < V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions < V1.2.0), SITOP UPS1600 PROFINET (All versions < V2.2.0), SIMATIC ET 200AL (All versions < V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP IM155-5 PN BA (All versions < V4.0.1), SIMATIC ET 200MP IM155-5 PN ST (All versions < V4.1), SIMATIC ET 200MP (except IM155-5 PN BA and IM155-5 PN ST) (All versions), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP IM155-6 PN ST (All versions < V4.1.0), SIMATIC ET 200SP (except IM155-6 PN ST) (All versions), SIMATIC PN/PN Coupler (All versions < V4.0), Development/Evaluation Kit DK Standard Ethernet Controller (All versions < V4.1.1 Patch04), Development/Evaluation Kit EK-ERTEC 200P (All versions < V4.4.0 Patch01), Development/Evaluation Kit EK-ERTEC 200 (All versions < V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions < V2.3), SIMATIC S7-300 incl. F and T (All versions < V3.X.14), SIMATIC S7-400 PN/DP V6 Incl. F (All versions < V6.0.6), SIMATIC S7-400-H V6 (All versions < V6.0.7), SIMATIC S7-400 PN/DP V7 Incl. F (All versions < V7.0.2), SIMATIC S7-410 (All versions < V8.2), SIMATIC S7-1200 incl. F (All versions < V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions < V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions < V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft Starter 3RW44 PN (All versions), SIRIUS Motor Starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions < V2.0.0), SINAMICS DCM w. PN (All versions < V1.4 SP1 HF5), SINAMICS DCP w. PN (All versions < V1.2 HF 1), SINAMICS G110M w. PN (All versions < V4.7 SP6 HF3), SINAMICS G120(C/P/D) w. PN (All versions < V4.7 SP6 HF3), SINAMICS G130 V4.7 w. PN (All versions < V4.7 HF27), SINAMICS G150 V4.7 w. PN (V4.7: All versions < V4.7 HF27), SINAMICS G130 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS G150 V4.8 w. PN (All versions < V4.8 HF4), SINAMICS S110 w. PN (All versions < V4.4 SP3 HF5), SINAMICS S120 V4.7 w. PN (All versions < V4.7 HF27), and others. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices. Siemens SIMATIC S7-300 F, etc. Siemens SIMATIC S7-300 F is a process controller. SIMATIC HMI Comfort Panels are touch screens

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201705-3221",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "sinumerik 840d sl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinumerik 840d sl",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "sinumerik 828d",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinumerik 828d",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi mobile panels",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf650r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "dk standard ethernet controller",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.1"
      },
      {
        "model": "sinamics s110 pn",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.4"
      },
      {
        "model": "scalance x414",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.10.2"
      },
      {
        "model": "simatic et 200sp",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.2.0"
      },
      {
        "model": "scalance x200 irt",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.4.0"
      },
      {
        "model": "simatic cp 1243-1 dnp3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 1616",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.7"
      },
      {
        "model": "sinamics g150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic cm 1542sp-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.0.15"
      },
      {
        "model": "sinamics g130",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics s120",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic cp 1604",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.7"
      },
      {
        "model": "sinamics s110 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.4"
      },
      {
        "model": "simatic s7-1200",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.2.1"
      },
      {
        "model": "ek-ertec 200p pn io",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.4.0"
      },
      {
        "model": "ie\\/pb-link",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "simatic cm 1542-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.0"
      },
      {
        "model": "sirius motor starter m200d profinet",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinumerik 840d sl",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic rf680r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "simatic cp 1243-1 irc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1.82"
      },
      {
        "model": "sinamics dcp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.2"
      },
      {
        "model": "simotion",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "simatic cp 343-1 adv",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 443-1 opc-ua",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic et 200s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "dk standard ethernet controller",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.1"
      },
      {
        "model": "simatic teleservice adapter ie advanced modem",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic tdc cpu555",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.1.1"
      },
      {
        "model": "simatic et 200al",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.0.2"
      },
      {
        "model": "simatic dk-16xx pn io",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.7"
      },
      {
        "model": "sinamics g150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics g110m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic s7-300",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.3.17"
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.0.15"
      },
      {
        "model": "scalance xr500",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "6.1"
      },
      {
        "model": "simatic et 200ecopn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "ek-ertec 200 pn io",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.2.1"
      },
      {
        "model": "softnet profinet io",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "scalance m-800",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.03"
      },
      {
        "model": "simatic hmi multi panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "scalance s615",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.03"
      },
      {
        "model": "simatic cp 443-1 adv",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.2.17"
      },
      {
        "model": "sinamics dcp",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.2"
      },
      {
        "model": "simatic teleservice adapter ie basic modem",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simotion",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "sitop psu8600",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.2.0"
      },
      {
        "model": "sinumerik 840d sl",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "simatic hmi mobile panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "scalance x200",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.2.2"
      },
      {
        "model": "simatic s7-1500",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1"
      },
      {
        "model": "simatic cp 343-1 std",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.1.3"
      },
      {
        "model": "simatic cp 1243-1 iec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic et 200pro",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinamics g110m",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "scalance xm400",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "6.1"
      },
      {
        "model": "scalance x408",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.0"
      },
      {
        "model": "simatic cp 343-1 lean",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.1.3"
      },
      {
        "model": "sirius act 3su1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.1.0"
      },
      {
        "model": "ek-ertec 200 pn io",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.2.1"
      },
      {
        "model": "simatic tdc cp51m1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.1.8"
      },
      {
        "model": "softnet profinet io",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14"
      },
      {
        "model": "simatic et 200mp",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.0.1"
      },
      {
        "model": "sinamics dcm",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.4"
      },
      {
        "model": "simatic s7-200 smart",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "simatic cp 1543-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.0.15"
      },
      {
        "model": "scalance w700",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "6.1"
      },
      {
        "model": "simatic et 200m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinumerik 828d",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic winac rtx",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1"
      },
      {
        "model": "sinamics s150",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic cp 1542sp-1 irc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.0.15"
      },
      {
        "model": "simatic cp 443-1 std",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.2.17"
      },
      {
        "model": "simatic s7-400",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "6.0.6"
      },
      {
        "model": "sirius soft starter 3rw44 pn",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simocode pro v profinet",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.0.0"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "ups1600 profinet",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.2.0"
      },
      {
        "model": "sinamics dcm",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.4"
      },
      {
        "model": "simatic cp 1243-1",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1.82"
      },
      {
        "model": "ie\\/as-i link pn io",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic s7-1500 software controller",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1"
      },
      {
        "model": "sinamics v90 pn",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.01"
      },
      {
        "model": "scalance x300",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.1.0"
      },
      {
        "model": "simatic winac rtx",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2010"
      },
      {
        "model": "sinamics g130",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics s120",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic rf685r",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "ek-ertec 200p pn io",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.4.0"
      },
      {
        "model": "sinamics s150",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "simatic teleservice adapter standard modem",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "pn\\/pn coupler",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.0"
      },
      {
        "model": "sinumerik 828d",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.5"
      },
      {
        "model": "sinamics g120\\ pn",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "dk standard ethernet controller",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ek-ertec 200 pn io",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ek-ertec 200p pn io",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ie/as-i link pn io",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ie/pb-link",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "pn/pn coupler",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m-800",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance s615",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w700",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance x200 irt",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance x200",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance x300",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance x408",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance x414",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xm400",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xr500",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cm 1542-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1243-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1 irc",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1543-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1543sp-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1604",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 1616",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 343-1 adv",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 343-1 lean",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 343-1 std",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 443-1 adv",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 443-1 opc-ua",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp 443-1 std",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic dk-16xx pn io",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200al",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200ecopn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200m",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200mp",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200pro",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200s",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200sp",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi multi panels",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf650r",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf680r",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf685r",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1200",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 software controller",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-200 smart",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-300",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-400",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic teleservice adapter ie advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic teleservice adapter ie basic",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic teleservice adapter standard modem",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic winac rtx 2010",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simocode pro v profinet",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simotion",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics dcm",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics dcp",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g110m",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g120 w. pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g130",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g150",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s110 w. pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s120",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s150",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics v90 w. pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinumerik 828d",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinumerik 840d sl",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sirius act 3su1 interface module profinet",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sirius motor starter m200d profinet",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sirius soft starter 3rw44 pn",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sitop psu8600",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sitop ups1600 profinet",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "softnet profinet io",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "for pc-based windows systems firmware"
      },
      {
        "model": "simatic hmi multi panels",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics g150",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic hmi mobile panels",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s120",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic hmi comfort panels",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinamics s110 w. pn",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "sinumerik 828d",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.4,
        "vendor": "sinumerik 840d sl",
        "version": "*"
      },
      {
        "model": "ups1600 profinet",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "softnet profinet io",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sitop psu8600",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sirius soft starter 3rw44 pn",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sirius act 3su1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinumerik 840d",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinumerik 828d",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinamics sm150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics sm120",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7.5"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7.4"
      },
      {
        "model": "sinamics sl150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics gm150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics gl150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics gh150",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simotion",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic winac rtx",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "20100"
      },
      {
        "model": "simatic teleservice adapter standard modem",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-400",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-300",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-200 smart",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic s7-1500",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic rf685r",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic rf680r",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic rf650r",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic et",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2000"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "443-10"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "343-10"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "16260"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "16160"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "16040"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1543-12.0.28"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1543-10"
      },
      {
        "model": "simatic cp 1542sp-1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic cp irc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1243-80"
      },
      {
        "model": "simatic cp lte eu/us",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1243-70"
      },
      {
        "model": "simatic cp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1243-10"
      },
      {
        "model": "simatic cp gprs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1242-7v20"
      },
      {
        "model": "scalance xr500",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "scalance xm400",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x4140"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x4084.0"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x4083.0"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x3000"
      },
      {
        "model": "scalance irt",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x2000"
      },
      {
        "model": "scalance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "x2000"
      },
      {
        "model": "scalance w700 series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.4"
      },
      {
        "model": "scalance w700 series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.5.4"
      },
      {
        "model": "scalance s615",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "scalance m-800",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.02"
      },
      {
        "model": "scalance m-800",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "ie/as-i link pn io",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "extension unit profinet",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "22?0"
      },
      {
        "model": "extension unit profinet",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "19?0"
      },
      {
        "model": "extension unit profinet",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15?0"
      },
      {
        "model": "extension unit profinet",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12?0"
      },
      {
        "model": "e/pb-link",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinumerik 840d sl",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinumerik 828d",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.7"
      },
      {
        "model": "sinamics sm120 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics sl150 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics gm150 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics gl150 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "sinamics gh150 sp2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "4.8"
      },
      {
        "model": "simatic rf685r",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "simatic rf680r",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "simatic cp",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "16162.7"
      },
      {
        "model": "simatic cp 1604d",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2.7"
      },
      {
        "model": "simatic cp irc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1243-82.1.82"
      },
      {
        "model": "simatic cp lte eu/us",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1243-72.1.82"
      },
      {
        "model": "simatic cp gprs",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1242-7v22.1.82"
      },
      {
        "model": "simatic rf650r",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "simatic cp",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "443-13.2.17"
      },
      {
        "model": "simatic cp",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15431.2.1"
      },
      {
        "model": "simatic cm1542",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1.2"
      },
      {
        "model": "scalance w700",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "6.1"
      },
      {
        "model": "extension unit profinet",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "22?1.1.1"
      },
      {
        "model": "extension unit profinet",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "19?1.1.1"
      },
      {
        "model": "extension unit profinet",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "15?1.1.1"
      },
      {
        "model": "extension unit profinet",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "12?1.1.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 343 1 std",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1542sp 1 irc",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1543sp 1",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1543 1",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic rf650r",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic rf680r",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic rf685r",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1616",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1604",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic dk 16xx pn io",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance x200",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 343 1 lean",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance x200 irt",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance x300",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance x408",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance x414",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance xm400",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance xr500",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance w700",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance m 800",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "scalance s615",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "softnet profinet io",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 343 1 adv",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ie pb link",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ie as i link pn io",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic teleservice adapter standard modem",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic teleservice adapter ie basic modem",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic teleservice adapter ie advanced modem",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sitop psu8600",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ups1600 profinet",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200al",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200ecopn",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200m",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 443 1 std",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200mp",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200pro",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200s",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200sp",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "pn pn coupler",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "dk standard ethernet controller",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ek ertec 200p pn io",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "ek ertec 200 pn io",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 200 smart",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 300",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 443 1 adv",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 400",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1200",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500 controller",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic winac rtx 2010",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sirius act 3su1",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sirius soft starter 3rw44 pn",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sirius motor starter m200d profinet",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simocode pro v profinet",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics dcm",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 443 1 opc ua",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics dcp",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g110m",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g120 c p d w pn",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g130",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics g150",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s110 w pn",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s120",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics s150",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinamics v90 w pn",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simotion",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1243 1",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi comfort panels",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi multi panels",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic hmi mobile panels",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cm 1542 1",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp 1542sp 1",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "33467505-7492-4ae1-b978-12f61201709a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      },
      {
        "db": "BID",
        "id": "98369"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-639"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2681"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:siemens:dk_standard_ethernet_controller_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ek-ertec_200_pn_io_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ek-ertec_200p_pn_io_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ie%2Fpb-link_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ie%2Fas-i_link_pn_io_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:pn%2Fpn_coupler_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_m-800_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_s615_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_w700_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_x200irt_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_x200_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_x300_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_x408_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_x414_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_xm400_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:scalance_xr500_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cm_1542-1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1243-1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1542sp-1_irc_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1542sp-1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1543-1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1543sp-1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1604_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_1616_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_343-1_lean_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_343-1_adv_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_343-1_std_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_adv_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_std_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_opc-ua_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_dk-16xx_pn_io_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200al_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200ecopn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200m_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200mp_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200pro_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200s_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200sp_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_comfort_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_mobile_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_hmi_multi_panels",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_rf650r_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_rf680r_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_rf685r_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1200_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_software_controller_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-200_smart_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-300_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-400_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_teleservice_adapter_ie_advanced_modem_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_teleservice_adapter_ie_basic_modem_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_teleservice_adapter_standard_modem_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_winac_rtx_2010_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simocode_pro_v_profinet_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simotion_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_dcm_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_dcp_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_g110m_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_g120%28c%2Fp%2Fd%29_w._pn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_g130_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_g150_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics__s110_w._pn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_s120_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_s150_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinamics_v90_w._pn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinumerik_828d_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sinumerik_840d_sl_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sirius_act_3su1_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sirius_motor_starter_m200d_profinet_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sirius_soft_starter_3rw44_pn_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:sitop_psu8600_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:ups1600_profinet_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:softnet_profinet_io_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Duan JinTong, Ma ShaoShuai, and Cheng Lei from NSFOCUS Security Team.",
    "sources": [
      {
        "db": "BID",
        "id": "98369"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2017-2681",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CVE-2017-2681",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CNVD-2017-06153",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "33467505-7492-4ae1-b978-12f61201709a",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.2,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "VHN-110884",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:A/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.8,
            "id": "CVE-2017-2681",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Adjacent Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 6.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2017-2681",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-2681",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2017-2681",
            "trust": 1.0,
            "value": "High"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-2681",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-06153",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201705-639",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "IVD",
            "id": "33467505-7492-4ae1-b978-12f61201709a",
            "trust": 0.2,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-110884",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "33467505-7492-4ae1-b978-12f61201709a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110884"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-639"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2681"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2681"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of service condition of that product. Human interaction is required to recover the system. PROFIBUS interfaces are not affected. SIMATIC HMI is an industrial device from Siemens AG, Germany. The SIMATIC HMI panels are used for operator control and monitoring of machines and equipment. Multiple Siemens Products is prone to multiple denial-of-service vulnerabilities. \nAttackers can exploit these issues to cause a denial-of-service condition. Manual restart of the server is required to resume normal operation. A vulnerability has been identified in SIMATIC CP 343-1 Std (All versions), SIMATIC CP 343-1 Lean (All versions), SIMATIC CP 343-1 Adv (All versions), SIMATIC CP 443-1 Std (All versions \u003c V3.2.17), SIMATIC CP 443-1 Adv (All versions \u003c V3.2.17), SIMATIC CP 443-1 OPC-UA (All versions), SIMATIC CP 1243-1 (All versions \u003c V2.1.82), SIMATIC CP 1243-1 IRC (All versions \u003c V2.1.82), SIMATIC CP 1243-1 IEC (All versions), SIMATIC CP 1243-1 DNP3 (All versions), SIMATIC CM 1542-1 (All versions \u003c V2.0), SIMATIC CM 1542SP-1 (All versions \u003c V1.0.15), SIMATIC CP 1542SP-1 IRC (All versions \u003c V1.0.15), SIMATIC CP 1543SP-1 (All versions \u003c V1.0.15), SIMATIC CP 1543-1 (All versions \u003c V2.1), SIMATIC RF650R (All versions \u003c V3.0), SIMATIC RF680R (All versions \u003c V3.0), SIMATIC RF685R (All versions \u003c V3.0), SIMATIC CP 1616 (All versions \u003c V2.7), SIMATIC CP 1604 (All versions \u003c V2.7), SIMATIC DK-16xx PN IO (All versions \u003c V2.7), SCALANCE X-200 (All versions \u003c V5.2.2), SCALANCE X-200 IRT (All versions), SCALANCE X-300/X408 (All versions \u003c V4.1.0), SCALANCE X414 (All versions \u003c V3.10.2), SCALANCE XM400 (All versions \u003c V6.1), SCALANCE XR500 (All versions \u003c V6.1), SCALANCE W700 (All versions \u003c V6.1), SCALANCE M-800, S615 (All versions \u003c V4.03), Softnet PROFINET IO for PC-based Windows systems (All versions \u003c V14 SP1), IE/PB-Link (All versions \u003c V3.0), IE/AS-i Link PN IO (All versions), SIMATIC Teleservice Adapter Standard Modem, IE Basic, IE Advanced (All versions), SITOP PSU8600 PROFINET (All versions \u003c V1.2.0), SITOP UPS1600 PROFINET (All versions \u003c V2.2.0), SIMATIC ET 200AL (All versions \u003c V1.0.2), SIMATIC ET 200ecoPN (All versions), SIMATIC ET 200M (All versions), SIMATIC ET 200MP IM155-5 PN BA (All versions \u003c V4.0.1), SIMATIC ET 200MP IM155-5 PN ST (All versions \u003c V4.1), SIMATIC ET 200MP (except IM155-5 PN BA and IM155-5 PN ST) (All versions), SIMATIC ET 200pro (All versions), SIMATIC ET 200S (All versions), SIMATIC ET 200SP IM155-6 PN ST (All versions \u003c V4.1.0), SIMATIC ET 200SP (except IM155-6 PN ST) (All versions), SIMATIC PN/PN Coupler (All versions \u003c V4.0), Development/Evaluation Kit DK Standard Ethernet Controller (All versions \u003c V4.1.1 Patch04), Development/Evaluation Kit EK-ERTEC 200P (All versions \u003c V4.4.0 Patch01), Development/Evaluation Kit EK-ERTEC 200 (All versions \u003c V4.2.1 Patch03), SIMATIC S7-200 SMART (All versions \u003c V2.3), SIMATIC S7-300 incl. F and T (All versions \u003c V3.X.14), SIMATIC S7-400 PN/DP V6 Incl. F (All versions \u003c V6.0.6), SIMATIC S7-400-H V6 (All versions \u003c V6.0.7), SIMATIC S7-400 PN/DP V7 Incl. F (All versions \u003c V7.0.2), SIMATIC S7-410 (All versions \u003c V8.2), SIMATIC S7-1200 incl. F (All versions \u003c V4.2.1), SIMATIC S7-1500 incl. F, T, and TF (All versions \u003c V2.1), SIMATIC S7-1500 Software Controller incl. F (All versions \u003c V2.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SIRIUS ACT 3SU1 interface module PROFINET (All versions), SIRIUS Soft Starter 3RW44 PN (All versions), SIRIUS Motor Starter M200D PROFINET (All versions), SIMOCODE pro V PROFINET (All versions \u003c V2.0.0), SINAMICS DCM w. PN (All versions \u003c V1.4 SP1 HF5), SINAMICS DCP w. PN (All versions \u003c V1.2 HF 1), SINAMICS G110M w. PN (All versions \u003c V4.7 SP6 HF3), SINAMICS G120(C/P/D) w. PN (All versions \u003c V4.7 SP6 HF3), SINAMICS G130 V4.7 w. PN (All versions \u003c V4.7 HF27), SINAMICS G150 V4.7 w. PN (V4.7: All versions \u003c V4.7 HF27), SINAMICS G130 V4.8 w. PN (All versions \u003c V4.8 HF4), SINAMICS G150 V4.8 w. PN (All versions \u003c V4.8 HF4), SINAMICS S110 w. PN (All versions \u003c V4.4 SP3 HF5), SINAMICS S120 V4.7 w. PN (All versions \u003c V4.7 HF27), and others. This vulnerability affects only SIMATIC HMI Multi Panels and HMI Mobile Panels, and S7-300/S7-400 devices. Siemens SIMATIC S7-300 F, etc. Siemens SIMATIC S7-300 F is a process controller. SIMATIC HMI Comfort Panels are touch screens",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-2681"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      },
      {
        "db": "BID",
        "id": "98369"
      },
      {
        "db": "IVD",
        "id": "33467505-7492-4ae1-b978-12f61201709a"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110884"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-2681",
        "trust": 3.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-293562",
        "trust": 2.6
      },
      {
        "db": "BID",
        "id": "98369",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1038463",
        "trust": 1.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-129-02",
        "trust": 1.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-639",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004135",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-023-02",
        "trust": 0.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-284673",
        "trust": 0.3
      },
      {
        "db": "IVD",
        "id": "33467505-7492-4AE1-B978-12F61201709A",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-110884",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "33467505-7492-4ae1-b978-12f61201709a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110884"
      },
      {
        "db": "BID",
        "id": "98369"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-639"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2681"
      }
    ]
  },
  "id": "VAR-201705-3221",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "33467505-7492-4ae1-b978-12f61201709a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110884"
      }
    ],
    "trust": 1.5075520524444446
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "33467505-7492-4ae1-b978-12f61201709a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:56:02.322000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-293562",
        "trust": 0.8,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC HMI Denial of Service Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/93365"
      },
      {
        "title": "Multiple Siemens Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=70109"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-639"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-400",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-20",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110884"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2681"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-293562.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/98369"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-293562.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id/1038463"
      },
      {
        "trust": 1.1,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-129-02"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-293562.html"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2681"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2681"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-17-129-02"
      },
      {
        "trust": 0.3,
        "url": "http://subscriber.communications.siemens.com/"
      },
      {
        "trust": 0.3,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-023-02"
      },
      {
        "trust": 0.3,
        "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284673.pdf"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110884"
      },
      {
        "db": "BID",
        "id": "98369"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-639"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2681"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "33467505-7492-4ae1-b978-12f61201709a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110884"
      },
      {
        "db": "BID",
        "id": "98369"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-639"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2681"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-05-09T00:00:00",
        "db": "IVD",
        "id": "33467505-7492-4ae1-b978-12f61201709a"
      },
      {
        "date": "2017-05-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      },
      {
        "date": "2017-05-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110884"
      },
      {
        "date": "2017-05-08T00:00:00",
        "db": "BID",
        "id": "98369"
      },
      {
        "date": "2017-06-16T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      },
      {
        "date": "2017-05-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201705-639"
      },
      {
        "date": "2017-05-11T10:29:00.180000",
        "db": "NVD",
        "id": "CVE-2017-2681"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-05-09T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      },
      {
        "date": "2020-09-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110884"
      },
      {
        "date": "2018-05-09T14:00:00",
        "db": "BID",
        "id": "98369"
      },
      {
        "date": "2017-09-11T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004135"
      },
      {
        "date": "2022-03-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201705-639"
      },
      {
        "date": "2024-11-21T03:23:57.917000",
        "db": "NVD",
        "id": "CVE-2017-2681"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote or local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-639"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens SIMATIC HMI Denial of service vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "33467505-7492-4ae1-b978-12f61201709a"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-06153"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-639"
      }
    ],
    "trust": 0.6
  }
}

cve-2021-27383
Vulnerability from cvelistv5
Published
2021-05-12 13:18
Modified
2024-08-03 20:48
Severity ?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition.
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) Version: All versions < V16 Update 4
Siemens SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) Version: All versions < V15.1 Update 6
Siemens SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) Version: All versions < V16 Update 4
Siemens SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Version: All versions < V15.1 Update 6
Siemens SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Version: All versions < V16 Update 4
Siemens SIMATIC WinCC Runtime Advanced V15 Version: All versions < V15.1 Update 6
Siemens SIMATIC WinCC Runtime Advanced V16 Version: All versions < V16 Update 4
Siemens SINAMICS GH150 Version: All versions
Siemens SINAMICS GL150 (with option X30) Version: All versions
Siemens SINAMICS GM150 (with option X30) Version: All versions
Siemens SINAMICS SH150 Version: All versions
Siemens SINAMICS SL150 Version: All versions
Siemens SINAMICS SM120 Version: All versions
Siemens SINAMICS SM150 Version: All versions
Siemens SINAMICS SM150i Version: All versions
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.589Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:15",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27383",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-770: Allocation of Resources Without Limits or Throttling"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27383",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.589Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-27384
Vulnerability from cvelistv5
Published
2021-05-12 13:18
Modified
2024-08-03 20:48
Severity ?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution.
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) Version: All versions < V16 Update 4
Siemens SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) Version: All versions < V15.1 Update 6
Siemens SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) Version: All versions < V16 Update 4
Siemens SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Version: All versions < V15.1 Update 6
Siemens SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Version: All versions < V16 Update 4
Siemens SIMATIC WinCC Runtime Advanced V15 Version: All versions < V15.1 Update 6
Siemens SIMATIC WinCC Runtime Advanced V16 Version: All versions < V16 Update 4
Siemens SINAMICS GH150 Version: All versions
Siemens SINAMICS GL150 (with option X30) Version: All versions
Siemens SINAMICS GM150 (with option X30) Version: All versions
Siemens SINAMICS SH150 Version: All versions
Siemens SINAMICS SL150 Version: All versions
Siemens SINAMICS SM120 Version: All versions
Siemens SINAMICS SM150 Version: All versions
Siemens SINAMICS SM150i Version: All versions
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.461Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-788",
              "description": "CWE-788: Access of Memory Location After End of Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:16",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27384",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-788: Access of Memory Location After End of Buffer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27384",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.461Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-27386
Vulnerability from cvelistv5
Published
2021-05-12 13:18
Modified
2024-08-03 20:48
Severity ?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition.
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) Version: All versions < V16 Update 4
Siemens SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) Version: All versions < V15.1 Update 6
Siemens SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) Version: All versions < V16 Update 4
Siemens SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Version: All versions < V15.1 Update 6
Siemens SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Version: All versions < V16 Update 4
Siemens SIMATIC WinCC Runtime Advanced V15 Version: All versions < V15.1 Update 6
Siemens SIMATIC WinCC Runtime Advanced V16 Version: All versions < V16 Update 4
Siemens SINAMICS GH150 Version: All versions
Siemens SINAMICS GL150 (with option X30) Version: All versions
Siemens SINAMICS GM150 (with option X30) Version: All versions
Siemens SINAMICS SH150 Version: All versions
Siemens SINAMICS SL150 Version: All versions
Siemens SINAMICS SM120 Version: All versions
Siemens SINAMICS SM150 Version: All versions
Siemens SINAMICS SM150i Version: All versions
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.446Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-401",
              "description": "CWE-401: Missing Release of Memory after Effective Lifetime",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:18",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27386",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-401: Missing Release of Memory after Effective Lifetime"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27386",
    "datePublished": "2021-05-12T13:18:23",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.446Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-15798
Vulnerability from cvelistv5
Published
2021-02-09 15:38
Modified
2024-08-04 13:30
Severity ?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions < V16 Update 3a), SIMATIC HMI KTP Mobile Panels (All versions < V16 Update 3a), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). Affected devices with enabled telnet service do not require authentication for this service. This could allow a remote attacker to gain full access to the device. (ZDI-CAN-12046)
Impacted products
Vendor Product Version
Siemens SIMATIC HMI KTP Mobile Panels Version: All versions < V16 Update 3a
Siemens SINAMICS GH150 Version: All versions
Siemens SINAMICS GL150 (with option X30) Version: All versions
Siemens SINAMICS GM150 (with option X30) Version: All versions
Siemens SINAMICS SH150 Version: All versions
Siemens SINAMICS SL150 Version: All versions
Siemens SINAMICS SM120 Version: All versions
Siemens SINAMICS SM150 Version: All versions
Siemens SINAMICS SM150i Version: All versions
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:30:21.706Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-520004.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-033-02"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-752103.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Panels (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 3a"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 3a"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions \u003c V16 Update 3a), SIMATIC HMI KTP Mobile Panels (All versions \u003c V16 Update 3a), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). Affected devices with enabled telnet service do not require authentication for this service. This could allow a remote attacker to gain full access to the device. (ZDI-CAN-12046)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-306",
              "description": "CWE-306: Missing Authentication for Critical Function",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-08-10T10:35:22",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-520004.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-033-02"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-752103.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2020-15798",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Panels (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 3a"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 3a"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions \u003c V16 Update 3a), SIMATIC HMI KTP Mobile Panels (All versions \u003c V16 Update 3a), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). Affected devices with enabled telnet service do not require authentication for this service. This could allow a remote attacker to gain full access to the device. (ZDI-CAN-12046)"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-306: Missing Authentication for Critical Function"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-520004.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-520004.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-033-02",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-033-02"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-752103.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-752103.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2020-15798",
    "datePublished": "2021-02-09T15:38:17",
    "dateReserved": "2020-07-15T00:00:00",
    "dateUpdated": "2024-08-04T13:30:21.706Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-27385
Vulnerability from cvelistv5
Published
2021-05-12 13:18
Modified
2024-08-03 20:48
Severity ?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition.
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) Version: All versions < V16 Update 4
Siemens SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) Version: All versions < V15.1 Update 6
Siemens SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) Version: All versions < V16 Update 4
Siemens SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Version: All versions < V15.1 Update 6
Siemens SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Version: All versions < V16 Update 4
Siemens SIMATIC WinCC Runtime Advanced V15 Version: All versions < V15.1 Update 6
Siemens SIMATIC WinCC Runtime Advanced V16 Version: All versions < V16 Update 4
Siemens SINAMICS GH150 Version: All versions
Siemens SINAMICS GL150 (with option X30) Version: All versions
Siemens SINAMICS GM150 (with option X30) Version: All versions
Siemens SINAMICS SH150 Version: All versions
Siemens SINAMICS SL150 Version: All versions
Siemens SINAMICS SM120 Version: All versions
Siemens SINAMICS SM150 Version: All versions
Siemens SINAMICS SM150i Version: All versions
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.474Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:17",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27385",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400: Uncontrolled Resource Consumption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27385",
    "datePublished": "2021-05-12T13:18:23",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.474Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}