cnvd - cnvd-2018-06261

cnvd-2018-06261

Vulnerability from cnvd

Title

Siemens SIMATIC WinCC OA UI for Android和iOS访问绕过漏洞

Description

Siemens SIMATIC WinCC OA UI for Android和iOS都是德国西门子（Siemens）公司的产品。Siemens SIMATIC WinCC OA UI for Android是一套基于Android平台的SCADA系统控制界面。SIMATIC WinCC OA UI for iOS是它的基于iOS平台的版本。基于Android平台的SIMATIC WinCC OA UI和基于iOS平台的SIMATIC WinCC OA UI中存在安全漏洞。攻击者可通过诱使用户连接到攻击者控制的WinCC OA服务器利用该漏洞读取或向应用程序文件夹中写入数据。

Severity

中

Patch Name

Siemens SIMATIC WinCC OA UI for Android和iOS访问绕过漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf

Reference

https://cert-portal.siemens.com/productcert/pdf/ssa-822928.pdf https://www.securityfocus.com/bid/103475

Impacted products

Name
['Siemens SIMATIC WinCC OA UI for Android <V3.15.10', 'Siemens SIMATIC WinCC OA UI for IOS <V3.15.10']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "103475"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-4844"
    }
  },
  "description": "Siemens SIMATIC WinCC OA UI for Android\u548ciOS\u90fd\u662f\u5fb7\u56fd\u897f\u95e8\u5b50\uff08Siemens\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Siemens SIMATIC WinCC OA UI for Android\u662f\u4e00\u5957\u57fa\u4e8eAndroid\u5e73\u53f0\u7684SCADA\u7cfb\u7edf\u63a7\u5236\u754c\u9762\u3002SIMATIC WinCC OA UI for iOS\u662f\u5b83\u7684\u57fa\u4e8eiOS\u5e73\u53f0\u7684\u7248\u672c\u3002\r\n\r\n\u57fa\u4e8eAndroid\u5e73\u53f0\u7684SIMATIC WinCC OA UI\u548c\u57fa\u4e8eiOS\u5e73\u53f0\u7684SIMATIC WinCC OA UI\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8bf1\u4f7f\u7528\u6237\u8fde\u63a5\u5230\u653b\u51fb\u8005\u63a7\u5236\u7684WinCC OA\u670d\u52a1\u5668\u5229\u7528\u8be5\u6f0f\u6d1e\u8bfb\u53d6\u6216\u5411\u5e94\u7528\u7a0b\u5e8f\u6587\u4ef6\u5939\u4e2d\u5199\u5165\u6570\u636e\u3002",
  "discovererName": "Alexander Bolshev",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://cert-portal.siemens.com/productcert/pdf/ssa-592007.pdf",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-06261",
  "openTime": "2018-03-26",
  "patchDescription": "Siemens SIMATIC WinCC OA UI for Android\u548ciOS\u90fd\u662f\u5fb7\u56fd\u897f\u95e8\u5b50\uff08Siemens\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Siemens SIMATIC WinCC OA UI for Android\u662f\u4e00\u5957\u57fa\u4e8eAndroid\u5e73\u53f0\u7684SCADA\u7cfb\u7edf\u63a7\u5236\u754c\u9762\u3002SIMATIC WinCC OA UI for iOS\u662f\u5b83\u7684\u57fa\u4e8eiOS\u5e73\u53f0\u7684\u7248\u672c\u3002\r\n\r\n\u57fa\u4e8eAndroid\u5e73\u53f0\u7684SIMATIC WinCC OA UI\u548c\u57fa\u4e8eiOS\u5e73\u53f0\u7684SIMATIC WinCC OA UI\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8bf1\u4f7f\u7528\u6237\u8fde\u63a5\u5230\u653b\u51fb\u8005\u63a7\u5236\u7684WinCC OA\u670d\u52a1\u5668\u5229\u7528\u8be5\u6f0f\u6d1e\u8bfb\u53d6\u6216\u5411\u5e94\u7528\u7a0b\u5e8f\u6587\u4ef6\u5939\u4e2d\u5199\u5165\u6570\u636e\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Siemens SIMATIC WinCC OA UI for Android\u548ciOS\u8bbf\u95ee\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Siemens SIMATIC WinCC OA UI for Android \u003cV3.15.10",
      "Siemens SIMATIC WinCC OA UI for IOS \u003cV3.15.10"
    ]
  },
  "referenceLink": "https://cert-portal.siemens.com/productcert/pdf/ssa-822928.pdf\r\nhttps://www.securityfocus.com/bid/103475",
  "serverity": "\u4e2d",
  "submitTime": "2018-03-23",
  "title": "Siemens SIMATIC WinCC OA UI for Android\u548ciOS\u8bbf\u95ee\u7ed5\u8fc7\u6f0f\u6d1e"
}

CVE-2018-4844 (GCVE-0-2018-4844)

Vulnerability from cvelistv5

Published

2018-03-20 14:00

Modified

2024-09-17 03:12

Severity ?

CWE

CWE-284 - Improper Access Control

Summary

A vulnerability has been identified in SIMATIC WinCC OA UI for Android (All versions < V3.15.10), SIMATIC WinCC OA UI for iOS (All versions < V3.15.10). Insufficient limitation of CONTROL script capabilities could allow read and write access from one HMI project cache folder to other HMI project cache folders within the app's sandbox on the same mobile device. This includes HMI project cache folders of other configured WinCC OA servers. The security vulnerability could be exploited by an attacker who tricks an app user to connect to an attacker-controlled WinCC OA server. Successful exploitation requires user interaction and read/write access to the app's folder on a mobile device. The vulnerability could allow reading data from and writing data to the app's folder. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens confirms the security vulnerability and provides mitigations to resolve the security issue.

References

URL

Tags

	https://cert-portal.siemens.com/productcert/pdf/ssa-822928.pdf	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/103475	vdb-entry, x_refsource_BID