cvelistv5 - CVE-2017-12069

CVE-2017-12069

Vulnerability from cvelistv5

Published

2017-08-30 19:00

Modified

2024-08-05 18:28

Severity ?

EPSS score ?

0.70% (0.69737)

Summary

An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions < V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker.

References

URL	Tags
cve@mitre.org	http://www.securityfocus.com/bid/100559	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id/1039510
cve@mitre.org	https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf	Patch, Vendor Advisory
cve@mitre.org	https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/100559	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1039510
af854a3a-2127-422b-91ae-364da2661108	https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf	Vendor Advisory

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T18:28:15.650Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf",
               },
               {
                  name: "1039510",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039510",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf",
               },
               {
                  name: "100559",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/100559",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-08-30T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions < V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-10-05T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf",
            },
            {
               name: "1039510",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039510",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf",
            },
            {
               name: "100559",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/100559",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-12069",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions < V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf",
                     refsource: "CONFIRM",
                     url: "https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf",
                  },
                  {
                     name: "1039510",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1039510",
                  },
                  {
                     name: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf",
                     refsource: "CONFIRM",
                     url: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf",
                  },
                  {
                     name: "100559",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/100559",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-12069",
      datePublished: "2017-08-30T19:00:00",
      dateReserved: "2017-07-31T00:00:00",
      dateUpdated: "2024-08-05T18:28:15.650Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2017-12069\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-08-30T19:29:00.210\",\"lastModified\":\"2024-11-21T03:08:46.230\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions < V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad XXE en OPC Foundation UA .NET Sample Code antes del 21-03-2017 y Local Discovery Server (LDS) antes de la versión 1.03.367. Los siguientes productos se han visto afectados por esta vulnerabilidad, entre otros: Siemens SIMATIC PCS7 (todas las versiones V8.1 y anteriores), SIMATIC WinCC (todas las versiones anteriores a V7.4 SP1), SIMATIC WinCC Runtime Professional (todas las versiones anteriores a V14 SP1), SIMATIC NET PC Software y SIMATIC IT Production Suite. Un atacante podría hacer que el sistema acceda a varios recursos escogidos por el atacante mediante el envío de paquetes especialmente manipulados a OPC Discovery Server en el puerto 4840/tcp.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":4.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:P\",\"baseScore\":6.4,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":4.9,\"acInsufInfo\":true,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-611\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:simatic_pcs7:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.1\",\"matchCriteriaId\":\"D6D19542-FDC9-4CBC-A75A-370DE4B4C929\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.4\",\"matchCriteriaId\":\"0C4AD3A6-D8F1-4DE0-9B08-25F95753F666\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ocpfoundation:local_discovery_server:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.01.333.0\",\"matchCriteriaId\":\"B5A47D3C-FE15-48DC-9A2B-C2F4A1B74AD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ocpfoundation:ua_.net:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2017-03-21\",\"matchCriteriaId\":\"FE0DC426-A197-41CF-A2D3-C2A959736F80\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/100559\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039510\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/100559\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039510\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
   },
}

ICSA-17-243-01

Vulnerability from csaf_cisa

Published

2017-08-31 00:00

Modified

2022-04-14 00:00

Summary

Siemens OPC UA Protocol Stack Discovery Service (Update E)

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of this vulnerability may allow an attacker to access various resources.

Critical infrastructure sectors

Chemical, Energy, Food and Agriculture, Water and Wastewater Systems

Countries/areas deployed

Worldwide

Company headquarters location

Germany

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Exploitability

No known public exploits specifically target this vulnerability.

JSON

To clipboard

{
   document: {
      acknowledgments: [
         {
            names: [
               "Sergey Temnikov",
            ],
            organization: "Kaspersky Lab",
            summary: "reporting this vulnerability to Siemens",
         },
      ],
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Disclosure is not limited",
         tlp: {
            label: "WHITE",
            url: "https://us-cert.cisa.gov/tlp/",
         },
      },
      lang: "en-US",
      notes: [
         {
            category: "general",
            text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
            title: "CISA Disclaimer",
         },
         {
            category: "legal_disclaimer",
            text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
            title: "Legal Notice",
         },
         {
            category: "summary",
            text: "Successful exploitation of this vulnerability may allow an attacker to access various resources.",
            title: "Risk evaluation",
         },
         {
            category: "other",
            text: "Chemical, Energy, Food and Agriculture, Water and Wastewater Systems",
            title: "Critical infrastructure sectors",
         },
         {
            category: "other",
            text: "Worldwide",
            title: "Countries/areas deployed",
         },
         {
            category: "other",
            text: "Germany",
            title: "Company headquarters location",
         },
         {
            category: "general",
            text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
            title: "Recommended Practices",
         },
         {
            category: "general",
            text: "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
            title: "Recommended Practices",
         },
         {
            category: "general",
            text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
            title: "Additional Resources",
         },
         {
            category: "other",
            text: "No known public exploits specifically target this vulnerability.",
            title: "Exploitability",
         },
      ],
      publisher: {
         category: "coordinator",
         contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
         name: "CISA",
         namespace: "https://www.cisa.gov/",
      },
      references: [
         {
            category: "external",
            summary: "SSA-535640: Vulnerability in Industrial Products - CSAF Version",
            url: "https://cert-portal.siemens.com/productcert/csaf/ssa-535640.json",
         },
         {
            category: "self",
            summary: "ICS Advisory ICSA-17-243-01 JSON",
            url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-243-01.json",
         },
         {
            category: "self",
            summary: "ICS Advisory ICSA-17-243-01 Web Version",
            url: "https://www.cisa.gov/news-events/ics-advisories/icsa-17-243-01",
         },
         {
            category: "external",
            summary: "Recommended Practices",
            url: "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf",
         },
         {
            category: "external",
            summary: "Recommended Practices",
            url: "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B",
         },
         {
            category: "external",
            summary: "SSA-535640: Vulnerability in Industrial Products - PDF Version",
            url: "https://cert-portal.siemens.com/productcert/pdf/ssa-535640.pdf",
         },
         {
            category: "external",
            summary: "SSA-535640: Vulnerability in Industrial Products - TXT Version",
            url: "https://cert-portal.siemens.com/productcert/txt/ssa-535640.txt",
         },
      ],
      title: "Siemens OPC UA Protocol Stack Discovery Service (Update E)",
      tracking: {
         current_release_date: "2022-04-14T00:00:00.000000Z",
         generator: {
            engine: {
               name: "CISA CSAF Generator",
               version: "1.0.0",
            },
         },
         id: "ICSA-17-243-01",
         initial_release_date: "2017-08-31T00:00:00.000000Z",
         revision_history: [
            {
               date: "2017-08-31T00:00:00.000000Z",
               legacy_version: "Initial",
               number: "1",
               summary: "ICSA-17-243-01 Siemens OPC UA Protocol Stack Discovery Service",
            },
            {
               date: "2017-10-03T00:00:00.000000Z",
               legacy_version: "A",
               number: "2",
               summary: "ICSA-17-243-01A Siemens Industrial products using the Discovery Service of the OPC UA protocol stack by the OPC foundation (Update A)",
            },
            {
               date: "2017-11-30T00:00:00.000000Z",
               legacy_version: "B",
               number: "3",
               summary: "ICSA-17-243-01B Siemens Industrial products using the Discovery Service of the OPC UA protocol stack by the OPC foundation (Update B)",
            },
            {
               date: "2019-02-05T00:00:00.000000Z",
               legacy_version: "C",
               number: "4",
               summary: "ICSA-17-243-01 Siemens Discovery Service of OPC UA Protocol (Update C)",
            },
            {
               date: "2020-08-11T00:00:00.000000Z",
               legacy_version: "D",
               number: "5",
               summary: "ICSA-17-243-01 Siemens OPC UA Protocol Stack Discovery Service (Update D)",
            },
            {
               date: "2022-04-14T00:00:00.000000Z",
               legacy_version: "E",
               number: "6",
               summary: "ICSA-17-243-01 Siemens OPC UA Protocol Stack Discovery Service (Update E)",
            },
         ],
         status: "final",
         version: "6",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "All Versions >= V6.5 and < V7.1",
                        product: {
                           name: "SIMATIC IT Production Suite",
                           product_id: "CSAFPID-0001",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SIMATIC IT Production Suite",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "< V14 SP1 Update 14",
                        product: {
                           name: "SIMATIC NET PC Software V14",
                           product_id: "CSAFPID-0002",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SIMATIC NET PC Software V14",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "Versions V8.0, V8.1",
                        product: {
                           name: "SIMATIC PCS 7",
                           product_id: "CSAFPID-0003",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SIMATIC PCS 7",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "All Versions < V7.2",
                        product: {
                           name: "SIMATIC WinCC",
                           product_id: "CSAFPID-0004",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SIMATIC WinCC",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "All Versions",
                        product: {
                           name: "SIMATIC WinCC Runtime Professional V13",
                           product_id: "CSAFPID-0005",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SIMATIC WinCC Runtime Professional V13",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "All Versions < V14 SP1",
                        product: {
                           name: "SIMATIC WinCC Runtime Professional V14",
                           product_id: "CSAFPID-0006",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SIMATIC WinCC Runtime Professional V14",
               },
            ],
            category: "vendor",
            name: "Siemens",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2017-12069",
         cwe: {
            id: "CWE-611",
            name: "Improper Restriction of XML External Entity Reference",
         },
         notes: [
            {
               category: "summary",
               text: "By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker. To execute the attack, the attacker must have network access to the affected devices.",
               title: "Summary",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-0001",
               "CSAFPID-0002",
               "CSAFPID-0003",
               "CSAFPID-0004",
               "CSAFPID-0005",
               "CSAFPID-0006",
            ],
         },
         references: [
            {
               summary: "CVE-2017-12069 - SIMATIC NET PC Software V14",
               url: "https://support.industry.siemens.com/cs/ww/en/view/109807351/",
            },
            {
               summary: "CVE-2017-12069 - SIMATIC WinCC Runtime Professional V14",
               url: "https://support.industry.siemens.com/cs/ww/en/view/109746276",
            },
            {
               summary: "CVE-2017-12069 Mitre 5.0 json",
               url: "https://cert-portal.siemens.com/productcert/mitre/CVE-2017-12069.json",
            },
            {
               category: "external",
               summary: "web.nvd.nist.gov",
               url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12069",
            },
            {
               category: "external",
               summary: "www.first.org",
               url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "Update to V7.1 or later version",
               product_ids: [
                  "CSAFPID-0001",
               ],
            },
            {
               category: "vendor_fix",
               details: "Update to V14 SP1 Update 14 or later version",
               product_ids: [
                  "CSAFPID-0002",
               ],
               url: "https://support.industry.siemens.com/cs/ww/en/view/109807351/",
            },
            {
               category: "no_fix_planned",
               details: "Currently no fix is planned",
               product_ids: [
                  "CSAFPID-0003",
                  "CSAFPID-0004",
                  "CSAFPID-0005",
               ],
            },
            {
               category: "vendor_fix",
               details: "Update to V14 SP1 or later version",
               product_ids: [
                  "CSAFPID-0006",
               ],
               url: "https://support.industry.siemens.com/cs/ww/en/view/109746276",
            },
            {
               category: "mitigation",
               details: "Turn off the Discovery Service after commissioning or block it on the local firewall: https://support.industry.siemens.com/cs/ww/en/view/109749461",
               product_ids: [
                  "CSAFPID-0001",
                  "CSAFPID-0002",
                  "CSAFPID-0003",
                  "CSAFPID-0004",
                  "CSAFPID-0005",
                  "CSAFPID-0006",
               ],
            },
            {
               category: "mitigation",
               details: "Use VPN for protecting network communication between cells",
               product_ids: [
                  "CSAFPID-0001",
                  "CSAFPID-0002",
                  "CSAFPID-0003",
                  "CSAFPID-0004",
                  "CSAFPID-0005",
                  "CSAFPID-0006",
               ],
            },
            {
               category: "mitigation",
               details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
               product_ids: [
                  "CSAFPID-0001",
                  "CSAFPID-0002",
                  "CSAFPID-0003",
                  "CSAFPID-0004",
                  "CSAFPID-0005",
                  "CSAFPID-0006",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-0001",
                  "CSAFPID-0002",
                  "CSAFPID-0003",
                  "CSAFPID-0004",
                  "CSAFPID-0005",
                  "CSAFPID-0006",
               ],
            },
         ],
         title: "CVE-2017-12069",
      },
   ],
}

icsa-17-243-01

Vulnerability from csaf_cisa

Published

2017-08-31 00:00

Modified

2022-04-14 00:00

Summary

Siemens OPC UA Protocol Stack Discovery Service (Update E)

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

Risk evaluation

Successful exploitation of this vulnerability may allow an attacker to access various resources.

Critical infrastructure sectors

Chemical, Energy, Food and Agriculture, Water and Wastewater Systems

Countries/areas deployed

Worldwide

Company headquarters location

Germany

Recommended Practices

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

Exploitability

No known public exploits specifically target this vulnerability.

JSON

To clipboard

{
   document: {
      acknowledgments: [
         {
            names: [
               "Sergey Temnikov",
            ],
            organization: "Kaspersky Lab",
            summary: "reporting this vulnerability to Siemens",
         },
      ],
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Disclosure is not limited",
         tlp: {
            label: "WHITE",
            url: "https://us-cert.cisa.gov/tlp/",
         },
      },
      lang: "en-US",
      notes: [
         {
            category: "general",
            text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
            title: "CISA Disclaimer",
         },
         {
            category: "legal_disclaimer",
            text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
            title: "Legal Notice",
         },
         {
            category: "summary",
            text: "Successful exploitation of this vulnerability may allow an attacker to access various resources.",
            title: "Risk evaluation",
         },
         {
            category: "other",
            text: "Chemical, Energy, Food and Agriculture, Water and Wastewater Systems",
            title: "Critical infrastructure sectors",
         },
         {
            category: "other",
            text: "Worldwide",
            title: "Countries/areas deployed",
         },
         {
            category: "other",
            text: "Germany",
            title: "Company headquarters location",
         },
         {
            category: "general",
            text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
            title: "Recommended Practices",
         },
         {
            category: "general",
            text: "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
            title: "Recommended Practices",
         },
         {
            category: "general",
            text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
            title: "Additional Resources",
         },
         {
            category: "other",
            text: "No known public exploits specifically target this vulnerability.",
            title: "Exploitability",
         },
      ],
      publisher: {
         category: "coordinator",
         contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
         name: "CISA",
         namespace: "https://www.cisa.gov/",
      },
      references: [
         {
            category: "external",
            summary: "SSA-535640: Vulnerability in Industrial Products - CSAF Version",
            url: "https://cert-portal.siemens.com/productcert/csaf/ssa-535640.json",
         },
         {
            category: "self",
            summary: "ICS Advisory ICSA-17-243-01 JSON",
            url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2017/icsa-17-243-01.json",
         },
         {
            category: "self",
            summary: "ICS Advisory ICSA-17-243-01 Web Version",
            url: "https://www.cisa.gov/news-events/ics-advisories/icsa-17-243-01",
         },
         {
            category: "external",
            summary: "Recommended Practices",
            url: "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf",
         },
         {
            category: "external",
            summary: "Recommended Practices",
            url: "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B",
         },
         {
            category: "external",
            summary: "SSA-535640: Vulnerability in Industrial Products - PDF Version",
            url: "https://cert-portal.siemens.com/productcert/pdf/ssa-535640.pdf",
         },
         {
            category: "external",
            summary: "SSA-535640: Vulnerability in Industrial Products - TXT Version",
            url: "https://cert-portal.siemens.com/productcert/txt/ssa-535640.txt",
         },
      ],
      title: "Siemens OPC UA Protocol Stack Discovery Service (Update E)",
      tracking: {
         current_release_date: "2022-04-14T00:00:00.000000Z",
         generator: {
            engine: {
               name: "CISA CSAF Generator",
               version: "1.0.0",
            },
         },
         id: "ICSA-17-243-01",
         initial_release_date: "2017-08-31T00:00:00.000000Z",
         revision_history: [
            {
               date: "2017-08-31T00:00:00.000000Z",
               legacy_version: "Initial",
               number: "1",
               summary: "ICSA-17-243-01 Siemens OPC UA Protocol Stack Discovery Service",
            },
            {
               date: "2017-10-03T00:00:00.000000Z",
               legacy_version: "A",
               number: "2",
               summary: "ICSA-17-243-01A Siemens Industrial products using the Discovery Service of the OPC UA protocol stack by the OPC foundation (Update A)",
            },
            {
               date: "2017-11-30T00:00:00.000000Z",
               legacy_version: "B",
               number: "3",
               summary: "ICSA-17-243-01B Siemens Industrial products using the Discovery Service of the OPC UA protocol stack by the OPC foundation (Update B)",
            },
            {
               date: "2019-02-05T00:00:00.000000Z",
               legacy_version: "C",
               number: "4",
               summary: "ICSA-17-243-01 Siemens Discovery Service of OPC UA Protocol (Update C)",
            },
            {
               date: "2020-08-11T00:00:00.000000Z",
               legacy_version: "D",
               number: "5",
               summary: "ICSA-17-243-01 Siemens OPC UA Protocol Stack Discovery Service (Update D)",
            },
            {
               date: "2022-04-14T00:00:00.000000Z",
               legacy_version: "E",
               number: "6",
               summary: "ICSA-17-243-01 Siemens OPC UA Protocol Stack Discovery Service (Update E)",
            },
         ],
         status: "final",
         version: "6",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "All Versions >= V6.5 and < V7.1",
                        product: {
                           name: "SIMATIC IT Production Suite",
                           product_id: "CSAFPID-0001",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SIMATIC IT Production Suite",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "< V14 SP1 Update 14",
                        product: {
                           name: "SIMATIC NET PC Software V14",
                           product_id: "CSAFPID-0002",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SIMATIC NET PC Software V14",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "Versions V8.0, V8.1",
                        product: {
                           name: "SIMATIC PCS 7",
                           product_id: "CSAFPID-0003",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SIMATIC PCS 7",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "All Versions < V7.2",
                        product: {
                           name: "SIMATIC WinCC",
                           product_id: "CSAFPID-0004",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SIMATIC WinCC",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "All Versions",
                        product: {
                           name: "SIMATIC WinCC Runtime Professional V13",
                           product_id: "CSAFPID-0005",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SIMATIC WinCC Runtime Professional V13",
               },
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "All Versions < V14 SP1",
                        product: {
                           name: "SIMATIC WinCC Runtime Professional V14",
                           product_id: "CSAFPID-0006",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "SIMATIC WinCC Runtime Professional V14",
               },
            ],
            category: "vendor",
            name: "Siemens",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2017-12069",
         cwe: {
            id: "CWE-611",
            name: "Improper Restriction of XML External Entity Reference",
         },
         notes: [
            {
               category: "summary",
               text: "By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker. To execute the attack, the attacker must have network access to the affected devices.",
               title: "Summary",
            },
         ],
         product_status: {
            known_affected: [
               "CSAFPID-0001",
               "CSAFPID-0002",
               "CSAFPID-0003",
               "CSAFPID-0004",
               "CSAFPID-0005",
               "CSAFPID-0006",
            ],
         },
         references: [
            {
               summary: "CVE-2017-12069 - SIMATIC NET PC Software V14",
               url: "https://support.industry.siemens.com/cs/ww/en/view/109807351/",
            },
            {
               summary: "CVE-2017-12069 - SIMATIC WinCC Runtime Professional V14",
               url: "https://support.industry.siemens.com/cs/ww/en/view/109746276",
            },
            {
               summary: "CVE-2017-12069 Mitre 5.0 json",
               url: "https://cert-portal.siemens.com/productcert/mitre/CVE-2017-12069.json",
            },
            {
               category: "external",
               summary: "web.nvd.nist.gov",
               url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12069",
            },
            {
               category: "external",
               summary: "www.first.org",
               url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "Update to V7.1 or later version",
               product_ids: [
                  "CSAFPID-0001",
               ],
            },
            {
               category: "vendor_fix",
               details: "Update to V14 SP1 Update 14 or later version",
               product_ids: [
                  "CSAFPID-0002",
               ],
               url: "https://support.industry.siemens.com/cs/ww/en/view/109807351/",
            },
            {
               category: "no_fix_planned",
               details: "Currently no fix is planned",
               product_ids: [
                  "CSAFPID-0003",
                  "CSAFPID-0004",
                  "CSAFPID-0005",
               ],
            },
            {
               category: "vendor_fix",
               details: "Update to V14 SP1 or later version",
               product_ids: [
                  "CSAFPID-0006",
               ],
               url: "https://support.industry.siemens.com/cs/ww/en/view/109746276",
            },
            {
               category: "mitigation",
               details: "Turn off the Discovery Service after commissioning or block it on the local firewall: https://support.industry.siemens.com/cs/ww/en/view/109749461",
               product_ids: [
                  "CSAFPID-0001",
                  "CSAFPID-0002",
                  "CSAFPID-0003",
                  "CSAFPID-0004",
                  "CSAFPID-0005",
                  "CSAFPID-0006",
               ],
            },
            {
               category: "mitigation",
               details: "Use VPN for protecting network communication between cells",
               product_ids: [
                  "CSAFPID-0001",
                  "CSAFPID-0002",
                  "CSAFPID-0003",
                  "CSAFPID-0004",
                  "CSAFPID-0005",
                  "CSAFPID-0006",
               ],
            },
            {
               category: "mitigation",
               details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
               product_ids: [
                  "CSAFPID-0001",
                  "CSAFPID-0002",
                  "CSAFPID-0003",
                  "CSAFPID-0004",
                  "CSAFPID-0005",
                  "CSAFPID-0006",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C",
                  version: "3.1",
               },
               products: [
                  "CSAFPID-0001",
                  "CSAFPID-0002",
                  "CSAFPID-0003",
                  "CSAFPID-0004",
                  "CSAFPID-0005",
                  "CSAFPID-0006",
               ],
            },
         ],
         title: "CVE-2017-12069",
      },
   ],
}

fkie_cve-2017-12069

Vulnerability from fkie_nvd

Published

2017-08-30 19:29

Modified

2024-11-21 03:08

Severity ?

8.2 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Summary

References

URL	Tags
cve@mitre.org	http://www.securityfocus.com/bid/100559	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id/1039510
cve@mitre.org	https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf	Patch, Vendor Advisory
cve@mitre.org	https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/100559	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1039510
af854a3a-2127-422b-91ae-364da2661108	https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf	Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	simatic_pcs7	*
siemens	wincc	*
ocpfoundation	local_discovery_server	*
ocpfoundation	ua_.net	*

JSON

To clipboard

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:siemens:simatic_pcs7:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6D19542-FDC9-4CBC-A75A-370DE4B4C929",
                     versionEndIncluding: "8.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0C4AD3A6-D8F1-4DE0-9B08-25F95753F666",
                     versionEndIncluding: "7.4",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:ocpfoundation:local_discovery_server:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5A47D3C-FE15-48DC-9A2B-C2F4A1B74AD6",
                     versionEndIncluding: "1.01.333.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:ocpfoundation:ua_.net:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE0DC426-A197-41CF-A2D3-C2A959736F80",
                     versionEndIncluding: "2017-03-21",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions < V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker.",
      },
      {
         lang: "es",
         value: "Se ha identificado una vulnerabilidad XXE en OPC Foundation UA .NET Sample Code antes del 21-03-2017 y Local Discovery Server (LDS) antes de la versión 1.03.367. Los siguientes productos se han visto afectados por esta vulnerabilidad, entre otros: Siemens SIMATIC PCS7 (todas las versiones V8.1 y anteriores), SIMATIC WinCC (todas las versiones anteriores a V7.4 SP1), SIMATIC WinCC Runtime Professional (todas las versiones anteriores a V14 SP1), SIMATIC NET PC Software y SIMATIC IT Production Suite. Un atacante podría hacer que el sistema acceda a varios recursos escogidos por el atacante mediante el envío de paquetes especialmente manipulados a OPC Discovery Server en el puerto 4840/tcp.",
      },
   ],
   id: "CVE-2017-12069",
   lastModified: "2024-11-21T03:08:46.230",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: true,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 6.4,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 4.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityImpact: "LOW",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 4.2,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2017-08-30T19:29:00.210",
   references: [
      {
         source: "cve@mitre.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/100559",
      },
      {
         source: "cve@mitre.org",
         url: "http://www.securitytracker.com/id/1039510",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf",
      },
      {
         source: "cve@mitre.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/100559",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securitytracker.com/id/1039510",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf",
      },
   ],
   sourceIdentifier: "cve@mitre.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-611",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

ghsa-jj7f-wqmm-8q5f

Vulnerability from github

Published

2022-05-17 00:35

Modified

2022-05-17 00:35

Severity ?

8.2 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Details

Show details on source website

JSON

To clipboard

{
   affected: [],
   aliases: [
      "CVE-2017-12069",
   ],
   database_specific: {
      cwe_ids: [
         "CWE-611",
      ],
      github_reviewed: false,
      github_reviewed_at: null,
      nvd_published_at: "2017-08-30T19:29:00Z",
      severity: "HIGH",
   },
   details: "An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions < V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker.",
   id: "GHSA-jj7f-wqmm-8q5f",
   modified: "2022-05-17T00:35:07Z",
   published: "2022-05-17T00:35:07Z",
   references: [
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2017-12069",
      },
      {
         type: "WEB",
         url: "https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf",
      },
      {
         type: "WEB",
         url: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf",
      },
      {
         type: "WEB",
         url: "http://www.securityfocus.com/bid/100559",
      },
      {
         type: "WEB",
         url: "http://www.securitytracker.com/id/1039510",
      },
   ],
   schema_version: "1.4.0",
   severity: [
      {
         score: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
         type: "CVSS_V3",
      },
   ],
}

gsd-2017-12069

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2017-12069

Aliases

CVE-2017-12069

JSON

To clipboard

{
   GSD: {
      alias: "CVE-2017-12069",
      description: "An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions < V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker.",
      id: "GSD-2017-12069",
   },
   gsd: {
      metadata: {
         exploitCode: "unknown",
         remediation: "unknown",
         reportConfidence: "confirmed",
         type: "vulnerability",
      },
      osvSchema: {
         aliases: [
            "CVE-2017-12069",
         ],
         details: "An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions < V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker.",
         id: "GSD-2017-12069",
         modified: "2023-12-13T01:21:03.512717Z",
         schema_version: "1.4.0",
      },
   },
   namespaces: {
      "cve.org": {
         CVE_data_meta: {
            ASSIGNER: "cve@mitre.org",
            ID: "CVE-2017-12069",
            STATE: "PUBLIC",
         },
         affects: {
            vendor: {
               vendor_data: [
                  {
                     product: {
                        product_data: [
                           {
                              product_name: "n/a",
                              version: {
                                 version_data: [
                                    {
                                       version_value: "n/a",
                                    },
                                 ],
                              },
                           },
                        ],
                     },
                     vendor_name: "n/a",
                  },
               ],
            },
         },
         data_format: "MITRE",
         data_type: "CVE",
         data_version: "4.0",
         description: {
            description_data: [
               {
                  lang: "eng",
                  value: "An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions < V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker.",
               },
            ],
         },
         problemtype: {
            problemtype_data: [
               {
                  description: [
                     {
                        lang: "eng",
                        value: "n/a",
                     },
                  ],
               },
            ],
         },
         references: {
            reference_data: [
               {
                  name: "https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf",
                  refsource: "CONFIRM",
                  url: "https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf",
               },
               {
                  name: "1039510",
                  refsource: "SECTRACK",
                  url: "http://www.securitytracker.com/id/1039510",
               },
               {
                  name: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf",
                  refsource: "CONFIRM",
                  url: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf",
               },
               {
                  name: "100559",
                  refsource: "BID",
                  url: "http://www.securityfocus.com/bid/100559",
               },
            ],
         },
      },
      "nvd.nist.gov": {
         configurations: {
            CVE_data_version: "4.0",
            nodes: [
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:siemens:wincc:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndIncluding: "7.4",
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:siemens:simatic_pcs7:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndIncluding: "8.1",
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:ocpfoundation:ua_.net:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndIncluding: "2017-03-21",
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:ocpfoundation:local_discovery_server:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndIncluding: "1.01.333.0",
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
            ],
         },
         cve: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-12069",
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "en",
                     value: "An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions < V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "en",
                           value: "CWE-611",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf",
                     refsource: "CONFIRM",
                     tags: [
                        "Vendor Advisory",
                     ],
                     url: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf",
                  },
                  {
                     name: "https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf",
                     refsource: "CONFIRM",
                     tags: [
                        "Patch",
                        "Vendor Advisory",
                     ],
                     url: "https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf",
                  },
                  {
                     name: "100559",
                     refsource: "BID",
                     tags: [
                        "Third Party Advisory",
                        "VDB Entry",
                     ],
                     url: "http://www.securityfocus.com/bid/100559",
                  },
                  {
                     name: "1039510",
                     refsource: "SECTRACK",
                     tags: [],
                     url: "http://www.securitytracker.com/id/1039510",
                  },
               ],
            },
         },
         impact: {
            baseMetricV2: {
               acInsufInfo: true,
               cvssV2: {
                  accessComplexity: "LOW",
                  accessVector: "NETWORK",
                  authentication: "NONE",
                  availabilityImpact: "PARTIAL",
                  baseScore: 6.4,
                  confidentialityImpact: "PARTIAL",
                  integrityImpact: "NONE",
                  vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P",
                  version: "2.0",
               },
               exploitabilityScore: 10,
               impactScore: 4.9,
               obtainAllPrivilege: false,
               obtainOtherPrivilege: false,
               obtainUserPrivilege: false,
               severity: "MEDIUM",
               userInteractionRequired: false,
            },
            baseMetricV3: {
               cvssV3: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "LOW",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
                  version: "3.0",
               },
               exploitabilityScore: 3.9,
               impactScore: 4.2,
            },
         },
         lastModifiedDate: "2017-10-06T01:29Z",
         publishedDate: "2017-08-30T19:29Z",
      },
   },
}

var-201708-0476

Vulnerability from variot

The Siemens OPC UA protocol has an XML external entity vulnerability. Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions. Siemens SIMATIC PCS and so on are all products of German Siemens (Siemens). Siemens SIMATIC PCS is a process control system. SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system

Show details on source website

JSON

To clipboard

{
   "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
      affected_products: {
         "@id": "https://www.variotdbs.pl/ref/affected_products",
      },
      configurations: {
         "@id": "https://www.variotdbs.pl/ref/configurations",
      },
      credits: {
         "@id": "https://www.variotdbs.pl/ref/credits",
      },
      cvss: {
         "@id": "https://www.variotdbs.pl/ref/cvss/",
      },
      description: {
         "@id": "https://www.variotdbs.pl/ref/description/",
      },
      exploit_availability: {
         "@id": "https://www.variotdbs.pl/ref/exploit_availability/",
      },
      external_ids: {
         "@id": "https://www.variotdbs.pl/ref/external_ids/",
      },
      iot: {
         "@id": "https://www.variotdbs.pl/ref/iot/",
      },
      iot_taxonomy: {
         "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/",
      },
      patch: {
         "@id": "https://www.variotdbs.pl/ref/patch/",
      },
      problemtype_data: {
         "@id": "https://www.variotdbs.pl/ref/problemtype_data/",
      },
      references: {
         "@id": "https://www.variotdbs.pl/ref/references/",
      },
      sources: {
         "@id": "https://www.variotdbs.pl/ref/sources/",
      },
      sources_release_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_release_date/",
      },
      sources_update_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_update_date/",
      },
      threat_type: {
         "@id": "https://www.variotdbs.pl/ref/threat_type/",
      },
      title: {
         "@id": "https://www.variotdbs.pl/ref/title/",
      },
      type: {
         "@id": "https://www.variotdbs.pl/ref/type/",
      },
   },
   "@id": "https://www.variotdbs.pl/vuln/VAR-201708-0476",
   affected_products: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            model: "local discovery server",
            scope: "lte",
            trust: 1,
            vendor: "ocpfoundation",
            version: "1.01.333.0",
         },
         {
            model: "simatic pcs7",
            scope: "lte",
            trust: 1,
            vendor: "siemens",
            version: "8.1",
         },
         {
            model: "ua .net",
            scope: "lte",
            trust: 1,
            vendor: "ocpfoundation",
            version: "2017-03-21",
         },
         {
            model: "wincc",
            scope: "lte",
            trust: 1,
            vendor: "siemens",
            version: "7.4",
         },
         {
            model: "simatic pcs",
            scope: "eq",
            trust: 0.9,
            vendor: "siemens",
            version: "78.0",
         },
         {
            model: "simatic pcs",
            scope: "eq",
            trust: 0.9,
            vendor: "siemens",
            version: "78.1",
         },
         {
            model: "simatic wincc",
            scope: "eq",
            trust: 0.9,
            vendor: "siemens",
            version: "7.0",
         },
         {
            model: "simatic wincc",
            scope: "eq",
            trust: 0.9,
            vendor: "siemens",
            version: "7.2",
         },
         {
            model: "simatic wincc",
            scope: "eq",
            trust: 0.9,
            vendor: "siemens",
            version: "7.3",
         },
         {
            model: "local discovery server",
            scope: "lt",
            trust: 0.8,
            vendor: "opc",
            version: "1.03.367",
         },
         {
            model: "ua .net",
            scope: "eq",
            trust: 0.8,
            vendor: "opc",
            version: "2017-03-21",
         },
         {
            model: "simatic it production suite",
            scope: null,
            trust: 0.8,
            vendor: "siemens",
            version: null,
         },
         {
            model: "simatic net pc software",
            scope: null,
            trust: 0.8,
            vendor: "siemens",
            version: null,
         },
         {
            model: "simatic pcs 7",
            scope: null,
            trust: 0.8,
            vendor: "siemens",
            version: null,
         },
         {
            model: "simatic wincc",
            scope: null,
            trust: 0.8,
            vendor: "siemens",
            version: null,
         },
         {
            model: "simatic wincc runtime professional",
            scope: null,
            trust: 0.8,
            vendor: "siemens",
            version: null,
         },
         {
            model: "simatic it production suite all",
            scope: null,
            trust: 0.6,
            vendor: "siemens",
            version: null,
         },
         {
            model: "simatic net pc-software",
            scope: null,
            trust: 0.6,
            vendor: "siemens",
            version: null,
         },
         {
            model: "simatic pcs",
            scope: "eq",
            trust: 0.6,
            vendor: "siemens",
            version: "7<=7.1",
         },
         {
            model: "simatic wincc sp1",
            scope: "lt",
            trust: 0.6,
            vendor: "siemens",
            version: "v7.4",
         },
         {
            model: "simatic wincc runtime professional",
            scope: "lt",
            trust: 0.6,
            vendor: "siemens",
            version: "v13",
         },
         {
            model: "simatic wincc runtime professional sp1",
            scope: "lt",
            trust: 0.6,
            vendor: "siemens",
            version: "v14",
         },
         {
            model: "local discovery server",
            scope: "eq",
            trust: 0.6,
            vendor: "ocpfoundation",
            version: "1.01.333.0",
         },
         {
            model: "ua .net",
            scope: "eq",
            trust: 0.6,
            vendor: "ocpfoundation",
            version: "2017-03-21",
         },
         {
            model: "simatic wincc runtime professional",
            scope: "eq",
            trust: 0.3,
            vendor: "siemens",
            version: "14",
         },
         {
            model: "simatic wincc runtime professional",
            scope: "eq",
            trust: 0.3,
            vendor: "siemens",
            version: "13",
         },
         {
            model: "simatic wincc",
            scope: "eq",
            trust: 0.3,
            vendor: "siemens",
            version: "7.4",
         },
         {
            model: "simatic pcs",
            scope: "eq",
            trust: 0.3,
            vendor: "siemens",
            version: "77.1",
         },
         {
            model: "simatic net pc-software",
            scope: "eq",
            trust: 0.3,
            vendor: "siemens",
            version: "14",
         },
         {
            model: "simatic net pc-software sp2",
            scope: "eq",
            trust: 0.3,
            vendor: "siemens",
            version: "13",
         },
         {
            model: "simatic net pc-software hf1",
            scope: "eq",
            trust: 0.3,
            vendor: "siemens",
            version: "13",
         },
         {
            model: "simatic net pc-software",
            scope: "eq",
            trust: 0.3,
            vendor: "siemens",
            version: "13",
         },
         {
            model: "simatic net pc-software sp2 hf3",
            scope: "eq",
            trust: 0.3,
            vendor: "siemens",
            version: "12",
         },
         {
            model: "simatic net pc-software",
            scope: "eq",
            trust: 0.3,
            vendor: "siemens",
            version: "12",
         },
         {
            model: "simatic it production suite",
            scope: "eq",
            trust: 0.3,
            vendor: "siemens",
            version: "0",
         },
         {
            model: "plant connectivity",
            scope: "eq",
            trust: 0.3,
            vendor: "sap",
            version: "15.0",
         },
         {
            model: "simatic wincc runtime professional sp1",
            scope: "ne",
            trust: 0.3,
            vendor: "siemens",
            version: "14",
         },
         {
            model: "simatic wincc sp1",
            scope: "ne",
            trust: 0.3,
            vendor: "siemens",
            version: "7.4",
         },
         {
            model: null,
            scope: "eq",
            trust: 0.2,
            vendor: "simatic pcs7",
            version: "*",
         },
         {
            model: null,
            scope: "eq",
            trust: 0.2,
            vendor: "wincc",
            version: "*",
         },
         {
            model: null,
            scope: "eq",
            trust: 0.2,
            vendor: "local discovery server",
            version: "*",
         },
         {
            model: null,
            scope: "eq",
            trust: 0.2,
            vendor: "ua net",
            version: "*",
         },
      ],
      sources: [
         {
            db: "IVD",
            id: "e3c681f4-90be-4763-9ea0-9bf8b55433bb",
         },
         {
            db: "CNVD",
            id: "CNVD-2017-24363",
         },
         {
            db: "BID",
            id: "100559",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2017-008019",
         },
         {
            db: "CNNVD",
            id: "CNNVD-201708-1273",
         },
         {
            db: "NVD",
            id: "CVE-2017-12069",
         },
      ],
   },
   configurations: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/configurations#",
         children: {
            "@container": "@list",
         },
         cpe_match: {
            "@container": "@list",
         },
         data: {
            "@container": "@list",
         },
         nodes: {
            "@container": "@list",
         },
      },
      data: [
         {
            CVE_data_version: "4.0",
            nodes: [
               {
                  cpe_match: [
                     {
                        cpe22Uri: "cpe:/a:opcfoundation:local_discovery_server",
                        vulnerable: true,
                     },
                     {
                        cpe22Uri: "cpe:/a:opcfoundation:ua_.net",
                        vulnerable: true,
                     },
                     {
                        cpe22Uri: "cpe:/a:siemens:simatic_it_production_suite",
                        vulnerable: true,
                     },
                     {
                        cpe22Uri: "cpe:/a:siemens:simatic_net_pc-software",
                        vulnerable: true,
                     },
                     {
                        cpe22Uri: "cpe:/a:siemens:simatic_pcs_7",
                        vulnerable: true,
                     },
                     {
                        cpe22Uri: "cpe:/a:siemens:simatic_wincc",
                        vulnerable: true,
                     },
                     {
                        cpe22Uri: "cpe:/a:siemens:simatic_wincc_runtime_professional",
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
            ],
         },
      ],
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2017-008019",
         },
      ],
   },
   credits: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/credits#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "Sergey Temnikov of Kaspersky Lab.",
      sources: [
         {
            db: "BID",
            id: "100559",
         },
      ],
      trust: 0.3,
   },
   cve: "CVE-2017-12069",
   cvss: {
      "@context": {
         cvssV2: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2",
         },
         cvssV3: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/",
         },
         severity: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/cvss/severity#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            cvssV2: [
               {
                  accessComplexity: "LOW",
                  accessVector: "NETWORK",
                  authentication: "NONE",
                  author: "nvd@nist.gov",
                  availabilityImpact: "PARTIAL",
                  baseScore: 6.4,
                  confidentialityImpact: "PARTIAL",
                  exploitabilityScore: 10,
                  id: "CVE-2017-12069",
                  impactScore: 4.9,
                  integrityImpact: "NONE",
                  severity: "MEDIUM",
                  trust: 1.9,
                  vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P",
                  version: "2.0",
               },
               {
                  accessComplexity: "LOW",
                  accessVector: "NETWORK",
                  authentication: "NONE",
                  author: "CNVD",
                  availabilityImpact: "COMPLETE",
                  baseScore: 8.5,
                  confidentialityImpact: "PARTIAL",
                  exploitabilityScore: 10,
                  id: "CNVD-2017-24363",
                  impactScore: 7.8,
                  integrityImpact: "NONE",
                  severity: "HIGH",
                  trust: 0.6,
                  vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:C",
                  version: "2.0",
               },
               {
                  accessComplexity: "LOW",
                  accessVector: "NETWORK",
                  authentication: "NONE",
                  author: "IVD",
                  availabilityImpact: "COMPLETE",
                  baseScore: 8.5,
                  confidentialityImpact: "PARTIAL",
                  exploitabilityScore: 10,
                  id: "e3c681f4-90be-4763-9ea0-9bf8b55433bb",
                  impactScore: 7.8,
                  integrityImpact: "NONE",
                  severity: "HIGH",
                  trust: 0.2,
                  vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:C",
                  version: "2.9 [IVD]",
               },
               {
                  accessComplexity: "LOW",
                  accessVector: "NETWORK",
                  authentication: "NONE",
                  author: "VULHUB",
                  availabilityImpact: "PARTIAL",
                  baseScore: 6.4,
                  confidentialityImpact: "PARTIAL",
                  exploitabilityScore: 10,
                  id: "VHN-102554",
                  impactScore: 4.9,
                  integrityImpact: "NONE",
                  severity: "MEDIUM",
                  trust: 0.1,
                  vectorString: "AV:N/AC:L/AU:N/C:P/I:N/A:P",
                  version: "2.0",
               },
            ],
            cvssV3: [
               {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  author: "nvd@nist.gov",
                  availabilityImpact: "HIGH",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "LOW",
                  exploitabilityScore: 3.9,
                  id: "CVE-2017-12069",
                  impactScore: 4.2,
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  trust: 1.8,
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
                  version: "3.0",
               },
            ],
            severity: [
               {
                  author: "nvd@nist.gov",
                  id: "CVE-2017-12069",
                  trust: 1,
                  value: "HIGH",
               },
               {
                  author: "NVD",
                  id: "CVE-2017-12069",
                  trust: 0.8,
                  value: "High",
               },
               {
                  author: "CNVD",
                  id: "CNVD-2017-24363",
                  trust: 0.6,
                  value: "HIGH",
               },
               {
                  author: "CNNVD",
                  id: "CNNVD-201708-1273",
                  trust: 0.6,
                  value: "HIGH",
               },
               {
                  author: "IVD",
                  id: "e3c681f4-90be-4763-9ea0-9bf8b55433bb",
                  trust: 0.2,
                  value: "MEDIUM",
               },
               {
                  author: "VULHUB",
                  id: "VHN-102554",
                  trust: 0.1,
                  value: "MEDIUM",
               },
               {
                  author: "VULMON",
                  id: "CVE-2017-12069",
                  trust: 0.1,
                  value: "MEDIUM",
               },
            ],
         },
      ],
      sources: [
         {
            db: "IVD",
            id: "e3c681f4-90be-4763-9ea0-9bf8b55433bb",
         },
         {
            db: "CNVD",
            id: "CNVD-2017-24363",
         },
         {
            db: "VULHUB",
            id: "VHN-102554",
         },
         {
            db: "VULMON",
            id: "CVE-2017-12069",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2017-008019",
         },
         {
            db: "CNNVD",
            id: "CNNVD-201708-1273",
         },
         {
            db: "NVD",
            id: "CVE-2017-12069",
         },
      ],
   },
   description: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/description#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server (LDS) before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 (All versions V8.1 and earlier), SIMATIC WinCC (All versions < V7.4 SP1), SIMATIC WinCC Runtime Professional (All versions < V14 SP1), SIMATIC NET PC Software, and SIMATIC IT Production Suite. By sending specially crafted packets to the OPC Discovery Server at port 4840/tcp, an attacker might cause the system to access various resources chosen by the attacker. Siemens industrial products are based on the OPC UAP protocol based on OPC to discover and configure LAN device information. \n\nThe Siemens OPC UA protocol has an XML external entity vulnerability. \nAttackers can exploit this  issue to gain access to sensitive information or cause denial-of-service conditions. Siemens SIMATIC PCS and so on are all products of German Siemens (Siemens). Siemens SIMATIC PCS is a process control system. SIMATIC WinCC is a set of automatic data acquisition and monitoring (SCADA) system",
      sources: [
         {
            db: "NVD",
            id: "CVE-2017-12069",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2017-008019",
         },
         {
            db: "CNVD",
            id: "CNVD-2017-24363",
         },
         {
            db: "BID",
            id: "100559",
         },
         {
            db: "IVD",
            id: "e3c681f4-90be-4763-9ea0-9bf8b55433bb",
         },
         {
            db: "VULHUB",
            id: "VHN-102554",
         },
         {
            db: "VULMON",
            id: "CVE-2017-12069",
         },
      ],
      trust: 2.79,
   },
   external_ids: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            db: "NVD",
            id: "CVE-2017-12069",
            trust: 3.7,
         },
         {
            db: "SIEMENS",
            id: "SSA-535640",
            trust: 1.8,
         },
         {
            db: "ICS CERT",
            id: "ICSA-17-243-01",
            trust: 1.6,
         },
         {
            db: "BID",
            id: "100559",
            trust: 1.5,
         },
         {
            db: "SECTRACK",
            id: "1039510",
            trust: 1.2,
         },
         {
            db: "CNNVD",
            id: "CNNVD-201708-1273",
            trust: 0.9,
         },
         {
            db: "CNVD",
            id: "CNVD-2017-24363",
            trust: 0.8,
         },
         {
            db: "ICS CERT",
            id: "ICSA-17-243-01B",
            trust: 0.8,
         },
         {
            db: "JVNDB",
            id: "JVNDB-2017-008019",
            trust: 0.8,
         },
         {
            db: "IVD",
            id: "E3C681F4-90BE-4763-9EA0-9BF8B55433BB",
            trust: 0.2,
         },
         {
            db: "VULHUB",
            id: "VHN-102554",
            trust: 0.1,
         },
         {
            db: "VULMON",
            id: "CVE-2017-12069",
            trust: 0.1,
         },
      ],
      sources: [
         {
            db: "IVD",
            id: "e3c681f4-90be-4763-9ea0-9bf8b55433bb",
         },
         {
            db: "CNVD",
            id: "CNVD-2017-24363",
         },
         {
            db: "VULHUB",
            id: "VHN-102554",
         },
         {
            db: "VULMON",
            id: "CVE-2017-12069",
         },
         {
            db: "BID",
            id: "100559",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2017-008019",
         },
         {
            db: "CNNVD",
            id: "CNNVD-201708-1273",
         },
         {
            db: "NVD",
            id: "CVE-2017-12069",
         },
      ],
   },
   id: "VAR-201708-0476",
   iot: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/iot#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: true,
      sources: [
         {
            db: "IVD",
            id: "e3c681f4-90be-4763-9ea0-9bf8b55433bb",
         },
         {
            db: "CNVD",
            id: "CNVD-2017-24363",
         },
         {
            db: "VULHUB",
            id: "VHN-102554",
         },
      ],
      trust: 1.5183507387500002,
   },
   iot_taxonomy: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            category: [
               "ICS",
            ],
            sub_category: null,
            trust: 0.8,
         },
      ],
      sources: [
         {
            db: "IVD",
            id: "e3c681f4-90be-4763-9ea0-9bf8b55433bb",
         },
         {
            db: "CNVD",
            id: "CNVD-2017-24363",
         },
      ],
   },
   last_update_date: "2024-11-23T21:40:46.820000Z",
   patch: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/patch#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            title: "Security Update for the OPC UA .NET Sample Code",
            trust: 0.8,
            url: "https://opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2017-12069.pdf",
         },
         {
            title: "SSA-535640",
            trust: 0.8,
            url: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf",
         },
         {
            title: "Patch for Siemens OPC UA Protocol XML External Entity Vulnerability",
            trust: 0.6,
            url: "https://www.cnvd.org.cn/patchInfo/show/176381",
         },
         {
            title: "Multiple Siemens product OPC Foundation UA .NET Sample Code  and Local Discovery Server Security vulnerabilities",
            trust: 0.6,
            url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74833",
         },
         {
            title: "Siemens Security Advisories: Siemens Security Advisory",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=0561e5e7e515f186e8a5589cf02f38a8",
         },
      ],
      sources: [
         {
            db: "CNVD",
            id: "CNVD-2017-24363",
         },
         {
            db: "VULMON",
            id: "CVE-2017-12069",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2017-008019",
         },
         {
            db: "CNNVD",
            id: "CNNVD-201708-1273",
         },
      ],
   },
   problemtype_data: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            problemtype: "CWE-611",
            trust: 1.9,
         },
      ],
      sources: [
         {
            db: "VULHUB",
            id: "VHN-102554",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2017-008019",
         },
         {
            db: "NVD",
            id: "CVE-2017-12069",
         },
      ],
   },
   references: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/references#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            trust: 1.8,
            url: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-535640.pdf",
         },
         {
            trust: 1.5,
            url: "https://opcfoundation-onlineapplications.org/faq/securitybulletins/opc_foundation_security_bulletin_cve-2017-12069.pdf",
         },
         {
            trust: 1.2,
            url: "http://www.securityfocus.com/bid/100559",
         },
         {
            trust: 1.2,
            url: "http://www.securitytracker.com/id/1039510",
         },
         {
            trust: 0.9,
            url: "https://ics-cert.us-cert.gov/advisories/icsa-17-243-01",
         },
         {
            trust: 0.8,
            url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12069",
         },
         {
            trust: 0.8,
            url: "https://ics-cert.us-cert.gov/advisories/icsa-17-243-01b",
         },
         {
            trust: 0.8,
            url: "https://nvd.nist.gov/vuln/detail/cve-2017-12069",
         },
         {
            trust: 0.6,
            url: "https://support.industry.siemens.com/cs/ww/en/view/109746038",
         },
         {
            trust: 0.6,
            url: "https://support.industry.siemens.com/cs/ww/en/view/109746276",
         },
         {
            trust: 0.6,
            url: "https://us-cert.cisa.gov/ics/advisories/icsa-17-243-01-0",
         },
         {
            trust: 0.3,
            url: "http://subscriber.communications.siemens.com/",
         },
         {
            trust: 0.3,
            url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=500633095",
         },
         {
            trust: 0.3,
            url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=499356993",
         },
         {
            trust: 0.1,
            url: "https://cwe.mitre.org/data/definitions/611.html",
         },
         {
            trust: 0.1,
            url: "https://tools.cisco.com/security/center/viewalert.x?alertid=55504",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov",
         },
         {
            trust: 0.1,
            url: "https://www.cisa.gov/uscert/ics/advisories/icsa-17-243-01-0",
         },
      ],
      sources: [
         {
            db: "CNVD",
            id: "CNVD-2017-24363",
         },
         {
            db: "VULHUB",
            id: "VHN-102554",
         },
         {
            db: "VULMON",
            id: "CVE-2017-12069",
         },
         {
            db: "BID",
            id: "100559",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2017-008019",
         },
         {
            db: "CNNVD",
            id: "CNNVD-201708-1273",
         },
         {
            db: "NVD",
            id: "CVE-2017-12069",
         },
      ],
   },
   sources: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            db: "IVD",
            id: "e3c681f4-90be-4763-9ea0-9bf8b55433bb",
         },
         {
            db: "CNVD",
            id: "CNVD-2017-24363",
         },
         {
            db: "VULHUB",
            id: "VHN-102554",
         },
         {
            db: "VULMON",
            id: "CVE-2017-12069",
         },
         {
            db: "BID",
            id: "100559",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2017-008019",
         },
         {
            db: "CNNVD",
            id: "CNNVD-201708-1273",
         },
         {
            db: "NVD",
            id: "CVE-2017-12069",
         },
      ],
   },
   sources_release_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2017-09-02T00:00:00",
            db: "IVD",
            id: "e3c681f4-90be-4763-9ea0-9bf8b55433bb",
         },
         {
            date: "2017-09-01T00:00:00",
            db: "CNVD",
            id: "CNVD-2017-24363",
         },
         {
            date: "2017-08-30T00:00:00",
            db: "VULHUB",
            id: "VHN-102554",
         },
         {
            date: "2017-08-30T00:00:00",
            db: "VULMON",
            id: "CVE-2017-12069",
         },
         {
            date: "2017-08-31T00:00:00",
            db: "BID",
            id: "100559",
         },
         {
            date: "2017-10-05T00:00:00",
            db: "JVNDB",
            id: "JVNDB-2017-008019",
         },
         {
            date: "2017-08-30T00:00:00",
            db: "CNNVD",
            id: "CNNVD-201708-1273",
         },
         {
            date: "2017-08-30T19:29:00.210000",
            db: "NVD",
            id: "CVE-2017-12069",
         },
      ],
   },
   sources_update_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2019-08-28T00:00:00",
            db: "CNVD",
            id: "CNVD-2017-24363",
         },
         {
            date: "2017-10-06T00:00:00",
            db: "VULHUB",
            id: "VHN-102554",
         },
         {
            date: "2017-10-06T00:00:00",
            db: "VULMON",
            id: "CVE-2017-12069",
         },
         {
            date: "2018-10-12T04:00:00",
            db: "BID",
            id: "100559",
         },
         {
            date: "2017-10-05T00:00:00",
            db: "JVNDB",
            id: "JVNDB-2017-008019",
         },
         {
            date: "2020-08-12T00:00:00",
            db: "CNNVD",
            id: "CNNVD-201708-1273",
         },
         {
            date: "2024-11-21T03:08:46.230000",
            db: "NVD",
            id: "CVE-2017-12069",
         },
      ],
   },
   threat_type: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "remote",
      sources: [
         {
            db: "CNNVD",
            id: "CNNVD-201708-1273",
         },
      ],
      trust: 0.6,
   },
   title: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/title#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "Siemens OPC UA protocol XML External entity vulnerability",
      sources: [
         {
            db: "IVD",
            id: "e3c681f4-90be-4763-9ea0-9bf8b55433bb",
         },
         {
            db: "CNVD",
            id: "CNVD-2017-24363",
         },
      ],
      trust: 0.8,
   },
   type: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/type#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "code problem",
      sources: [
         {
            db: "CNNVD",
            id: "CNNVD-201708-1273",
         },
      ],
      trust: 0.6,
   },
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2017-12069

Vulnerability from cvelistv5

ICSA-17-243-01

Vulnerability from csaf_cisa

icsa-17-243-01

Vulnerability from csaf_cisa

fkie_cve-2017-12069

Vulnerability from fkie_nvd

ghsa-jj7f-wqmm-8q5f

Vulnerability from github

gsd-2017-12069

Vulnerability from gsd

var-201708-0476

Vulnerability from variot

Tags

Sightings

Nomenclature