Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-6570 (GCVE-0-2019-6570)
Vulnerability from cvelistv5
Published
2019-04-17 13:40
Modified
2024-08-04 20:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-280 - Improper Handling of Insufficient Permissions or Privileges
Summary
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. An attacker must have access to a low privileged account in order to exploit the vulnerability.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | SINEMA Remote Connect Server |
Version: All versions < V2.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:23:22.082Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SINEMA Remote Connect Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. An attacker must have access to a low privileged account in order to exploit the vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-280",
"description": "CWE-280: Improper Handling of Insufficient Permissions or Privileges ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-15T17:03:30",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2019-6570",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SINEMA Remote Connect Server",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.0"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. An attacker must have access to a low privileged account in order to exploit the vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-280: Improper Handling of Insufficient Permissions or Privileges "
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-6570",
"datePublished": "2019-04-17T13:40:24",
"dateReserved": "2019-01-22T00:00:00",
"dateUpdated": "2024-08-04T20:23:22.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2019-6570\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2019-04-17T14:29:03.730\",\"lastModified\":\"2024-11-21T04:46:43.400\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. An attacker must have access to a low privileged account in order to exploit the vulnerability.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad en SINEMA Remote Connect Server (Todas las versiones anteriores a V2.0). Debido a la insuficiente comprobaci\u00f3n de los permisos de los usuarios, un atacante puede acceder a URLs que requieren una autorizaci\u00f3n especial. Un atacante debe tener acceso a una cuenta con pocos privilegios para poder explotar la vulnerabilidad\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-280\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-863\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.0\",\"matchCriteriaId\":\"5AB7DB4A-B5E8-4D44-8006-4675EA8CD8B1\"}]}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf\",\"source\":\"productcert@siemens.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
}
}
fkie_cve-2019-6570
Vulnerability from fkie_nvd
Published
2019-04-17 14:29
Modified
2024-11-21 04:46
Severity ?
Summary
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. An attacker must have access to a low privileged account in order to exploit the vulnerability.
References
| URL | Tags | ||
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | sinema_remote_connect_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB7DB4A-B5E8-4D44-8006-4675EA8CD8B1",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. An attacker must have access to a low privileged account in order to exploit the vulnerability."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en SINEMA Remote Connect Server (Todas las versiones anteriores a V2.0). Debido a la insuficiente comprobaci\u00f3n de los permisos de los usuarios, un atacante puede acceder a URLs que requieren una autorizaci\u00f3n especial. Un atacante debe tener acceso a una cuenta con pocos privilegios para poder explotar la vulnerabilidad"
}
],
"id": "CVE-2019-6570",
"lastModified": "2024-11-21T04:46:43.400",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-17T14:29:03.730",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-280"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
ghsa-qp82-v7w8-wfwq
Vulnerability from github
Published
2022-05-13 01:11
Modified
2022-05-13 01:11
Severity ?
VLAI Severity ?
Details
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. An attacker must have access to a low privileged account in order to exploit the vulnerability.
{
"affected": [],
"aliases": [
"CVE-2019-6570"
],
"database_specific": {
"cwe_ids": [
"CWE-280"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-04-17T14:29:00Z",
"severity": "HIGH"
},
"details": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. An attacker must have access to a low privileged account in order to exploit the vulnerability.",
"id": "GHSA-qp82-v7w8-wfwq",
"modified": "2022-05-13T01:11:25Z",
"published": "2022-05-13T01:11:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6570"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
ICSA-21-068-10
Vulnerability from csaf_cisa
Published
2019-04-09 00:00
Modified
2021-03-09 00:00
Summary
Siemens SCALANCE and SIMATIC libcurl (Update B)
Notes
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional Resources
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from a Siemens ProductCERT's advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reporting these vulnerabilities to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.",
"title": "General Recommendations"
},
{
"category": "general",
"text": "Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This CISA CSAF advisory was converted from a Siemens ProductCERT\u0027s advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Multiple",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-436177: Multiple Vulnerabilities in SINEMA Remote Connect - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-436177.html"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-068-10 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-068-10.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-068-10 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-068-10"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Siemens SCALANCE and SIMATIC libcurl (Update B)",
"tracking": {
"current_release_date": "2021-03-09T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-21-068-10",
"initial_release_date": "2019-04-09T00:00:00.000000Z",
"revision_history": [
{
"date": "2019-04-09T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2021-03-09T00:00:00.000000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added CVE-2019-3823"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV2.0_HF1",
"product": {
"name": "Siemens SINEMA Remote Connect Client: All versions \u003c V2.0 HF1",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "SINEMA Remote Connect Client"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV2.0",
"product": {
"name": "Siemens SINEMA Remote Connect Server: All versions \u003c V2.0",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "SINEMA Remote Connect Server"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14618",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "summary",
"text": "The libcurl library versions 7.15.4 to and including 7.61.0 are vulnerable to a buffer overrun. The flaw is caused by an improper calculation of the required buffer size in the Curl_ntlm_core_mk_nt_hash function of libcurl. The security vulnerability could be exploited by an attacker providing a malicious HTTP server.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 HF1",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2018-14618"
},
{
"cve": "CVE-2018-16890",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The libcurl library versions 7.15.4 to and including 7.61.0 are vulnerable to a buffer overrun. The flaw is caused by an improper calculation of the required buffer size in the Curl_ntlm_core_mk_nt_hash function of libcurl. The security vulnerability could be exploited by an attacker providing a malicious HTTP server.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Turn off NTLM authentication to mitigate CVE-2018-16890",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.0 HF1",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2018-16890"
},
{
"cve": "CVE-2019-3822",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "The libcurl library versions 7.15.4 to and including 7.61.0 are vulnerable to a buffer overrun. The flaw is caused by an improper calculation of the required buffer size in the Curl_ntlm_core_mk_nt_hash function of libcurl. The security vulnerability could be exploited by an attacker providing a malicious HTTP server.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Turn off NTLM authentication to mitigate CVE-2019-3822",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.0 HF1",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-3822"
},
{
"cve": "CVE-2019-3823",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The libcurl library versions 7.15.4 to and including 7.61.0 are vulnerable to a buffer overrun. The flaw is caused by an improper calculation of the required buffer size in the Curl_ntlm_core_mk_nt_hash function of libcurl. The security vulnerability could be exploited by an attacker providing a malicious HTTP server.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Turn off SMTP to mitigate CVE-2019-3823",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.0 HF1",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-3823"
},
{
"cve": "CVE-2019-6570",
"cwe": {
"id": "CWE-280",
"name": "Improper Handling of Insufficient Permissions or Privileges "
},
"notes": [
{
"category": "summary",
"text": "The libcurl library versions 7.15.4 to and including 7.61.0 are vulnerable to a buffer overrun. The flaw is caused by an improper calculation of the required buffer size in the Curl_ntlm_core_mk_nt_hash function of libcurl. The security vulnerability could be exploited by an attacker providing a malicious HTTP server.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0",
"product_ids": [
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0002"
]
}
],
"title": "CVE-2019-6570"
}
]
}
icsa-19-099-04
Vulnerability from csaf_cisa
Published
2019-04-09 00:00
Modified
2021-03-09 00:00
Summary
Siemens SINEMA Remote Connect (Update A)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow an attacker to circumvent the system authorization for certain functionalities, and to execute privileged functions.
Critical infrastructure sectors
Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Additional Resources
Impact of libcurl vulnerabilities to other Siemens products:
- - Siemens Security Advisory SSA-936080
For more details regarding the libcurl vulnerability refer to:
- - Project curl Security Advisory "NTLM type-2 out-of-bounds buffer
read"
- - Project curl Security Advisory "NTLMv2 type-3 header stack buffer
overflow"
- - Project curl Security Advisory "SMTP end-of-response out-of-bounds
read"
For further inquiries on security vulnerabilities in Siemens products and
solutions, please contact the Siemens ProductCERT:
https://www.siemens.com/cert/advisories
Additional Resources
Impact of libcurl vulnerabilities to other Siemens products: - - Siemens Security Advisory SSA-936080 For more details regarding the libcurl vulnerability refer to: - - Project curl Security Advisory "NTLM type-2 out-of-bounds buffer read" - - Project curl Security Advisory "NTLMv2 type-3 header stack buffer overflow" - - Project curl Security Advisory "SMTP end-of-response out-of-bounds read" For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could allow an attacker to circumvent the system authorization for certain functionalities, and to execute privileged functions.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Impact of libcurl vulnerabilities to other Siemens products:\n\n- - Siemens Security Advisory SSA-936080\n\nFor more details regarding the libcurl vulnerability refer to:\n\n- - Project curl Security Advisory \"NTLM type-2 out-of-bounds buffer\n read\"\n\n- - Project curl Security Advisory \"NTLMv2 type-3 header stack buffer\n overflow\"\n\n- - Project curl Security Advisory \"SMTP end-of-response out-of-bounds\n read\"\n\nFor further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "general",
"text": "Impact of libcurl vulnerabilities to other Siemens products: - - Siemens Security Advisory SSA-936080 For more details regarding the libcurl vulnerability refer to: - - Project curl Security Advisory \"NTLM type-2 out-of-bounds buffer read\" - - Project curl Security Advisory \"NTLMv2 type-3 header stack buffer overflow\" - - Project curl Security Advisory \"SMTP end-of-response out-of-bounds read\" For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-19-099-04 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-099-04.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-19-099-04 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-099-04"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "SSA-496604: SSA-436177: Multiple Vulnerabilities in SINEMA Remote Connect - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/SSA-436177.txt"
}
],
"title": "Siemens SINEMA Remote Connect (Update A)",
"tracking": {
"current_release_date": "2021-03-09T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-19-099-04",
"initial_release_date": "2019-04-09T00:00:00.000000Z",
"revision_history": [
{
"date": "2019-04-09T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-19-099-04 Siemens SINEMA Remote Connect"
},
{
"date": "2021-03-09T00:00:00.000000Z",
"legacy_version": "A",
"number": "2",
"summary": "ICSA-19-099-04 Siemens SINEMA Remote Connect (Update A)"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V2.0 HF1",
"product": {
"name": "SINEMA Remote Connect Client: All versions \u003c V2.0 HF1",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "SINEMA Remote Connect Client"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V2.0",
"product": {
"name": "SINEMA Remote Connect Server: All versions \u003c V2.0",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "SINEMA Remote Connect Server"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14618",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "summary",
"text": "The libcurl library versions 7.15.4 to and including 7.61.0 are vulnerable to a buffer overrun. The flaw is caused by an improper calculation of the required buffer size in the Curl_ntlm_core_mk_nt_hash function of libcurl.",
"title": "Summary"
},
{
"category": "summary",
"text": "The security vulnerability could be exploited by an attacker providing a malicious HTTP server.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "https://support.industry.siemens.com/cs/de/en/view/109764829/",
"url": "https://support.industry.siemens.com/cs/de/en/view/109764829/"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14618"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Turn off SMTP to mitigate CVE-2019-3823",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/de/en/view/109764829/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2018-16890",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The libcurl library versions 7.34.0 to and including 7.63.0 are vulnerable to a heap buffer out-of-bounds read.",
"title": "Summary"
},
{
"category": "summary",
"text": "The security vulnerability could be exploited by an attacker providing a malicious HTTP server.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "https://support.industry.siemens.com/cs/de/en/view/109764829/",
"url": "https://support.industry.siemens.com/cs/de/en/view/109764829/"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-16890"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Turn off SMTP to mitigate CVE-2019-3823",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/de/en/view/109764829/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2019-3822",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "The libcurl library versions 7.34.0 to and including 7.63.0 are vulnerable to a stack-based buffer overflow.",
"title": "Summary"
},
{
"category": "summary",
"text": "The security vulnerability could be exploited by an attacker providing a malicious HTTP server.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "https://support.industry.siemens.com/cs/de/en/view/109764829/",
"url": "https://support.industry.siemens.com/cs/de/en/view/109764829/"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-3822"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Turn off SMTP to mitigate CVE-2019-3823",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/de/en/view/109764829/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2019-3823",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The libcurl library versions 7.34.0 to and including 7.63.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP.",
"title": "Summary"
},
{
"category": "summary",
"text": "This vulnerability could allow an attacker to trigger a Denial-of-Service condition on the affected devices.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "https://support.industry.siemens.com/cs/de/en/view/109764829/",
"url": "https://support.industry.siemens.com/cs/de/en/view/109764829/"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-3823"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Turn off SMTP to mitigate CVE-2019-3823",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/de/en/view/109764829/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2019-6570",
"cwe": {
"id": "CWE-280",
"name": "Improper Handling of Insufficient Permissions or Privileges "
},
"notes": [
{
"category": "summary",
"text": "Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization.",
"title": "Summary"
},
{
"category": "summary",
"text": "An attacker must have access to a low privileged account in order to exploit the vulnerability.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "https://support.industry.siemens.com/cs/de/en/view/109764829/",
"url": "https://support.industry.siemens.com/cs/de/en/view/109764829/"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6570"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Turn off SMTP to mitigate CVE-2019-3823",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.0 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/de/en/view/109764829/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
}
]
}
icsa-21-068-10
Vulnerability from csaf_cisa
Published
2019-04-09 00:00
Modified
2021-03-09 00:00
Summary
Siemens SCALANCE and SIMATIC libcurl (Update B)
Notes
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional Resources
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from a Siemens ProductCERT's advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reporting these vulnerabilities to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.",
"title": "General Recommendations"
},
{
"category": "general",
"text": "Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This CISA CSAF advisory was converted from a Siemens ProductCERT\u0027s advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Multiple",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-436177: Multiple Vulnerabilities in SINEMA Remote Connect - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-436177.html"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-068-10 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-068-10.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-21-068-10 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-068-10"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Siemens SCALANCE and SIMATIC libcurl (Update B)",
"tracking": {
"current_release_date": "2021-03-09T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-21-068-10",
"initial_release_date": "2019-04-09T00:00:00.000000Z",
"revision_history": [
{
"date": "2019-04-09T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2021-03-09T00:00:00.000000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added CVE-2019-3823"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV2.0_HF1",
"product": {
"name": "Siemens SINEMA Remote Connect Client: All versions \u003c V2.0 HF1",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "SINEMA Remote Connect Client"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV2.0",
"product": {
"name": "Siemens SINEMA Remote Connect Server: All versions \u003c V2.0",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "SINEMA Remote Connect Server"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14618",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "summary",
"text": "The libcurl library versions 7.15.4 to and including 7.61.0 are vulnerable to a buffer overrun. The flaw is caused by an improper calculation of the required buffer size in the Curl_ntlm_core_mk_nt_hash function of libcurl. The security vulnerability could be exploited by an attacker providing a malicious HTTP server.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0 HF1",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2018-14618"
},
{
"cve": "CVE-2018-16890",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The libcurl library versions 7.15.4 to and including 7.61.0 are vulnerable to a buffer overrun. The flaw is caused by an improper calculation of the required buffer size in the Curl_ntlm_core_mk_nt_hash function of libcurl. The security vulnerability could be exploited by an attacker providing a malicious HTTP server.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Turn off NTLM authentication to mitigate CVE-2018-16890",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.0 HF1",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2018-16890"
},
{
"cve": "CVE-2019-3822",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "The libcurl library versions 7.15.4 to and including 7.61.0 are vulnerable to a buffer overrun. The flaw is caused by an improper calculation of the required buffer size in the Curl_ntlm_core_mk_nt_hash function of libcurl. The security vulnerability could be exploited by an attacker providing a malicious HTTP server.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Turn off NTLM authentication to mitigate CVE-2019-3822",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.0 HF1",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-3822"
},
{
"cve": "CVE-2019-3823",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The libcurl library versions 7.15.4 to and including 7.61.0 are vulnerable to a buffer overrun. The flaw is caused by an improper calculation of the required buffer size in the Curl_ntlm_core_mk_nt_hash function of libcurl. The security vulnerability could be exploited by an attacker providing a malicious HTTP server.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Turn off SMTP to mitigate CVE-2019-3823",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.0 HF1",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2019-3823"
},
{
"cve": "CVE-2019-6570",
"cwe": {
"id": "CWE-280",
"name": "Improper Handling of Insufficient Permissions or Privileges "
},
"notes": [
{
"category": "summary",
"text": "The libcurl library versions 7.15.4 to and including 7.61.0 are vulnerable to a buffer overrun. The flaw is caused by an improper calculation of the required buffer size in the Curl_ntlm_core_mk_nt_hash function of libcurl. The security vulnerability could be exploited by an attacker providing a malicious HTTP server.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V2.0",
"product_ids": [
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0002"
]
}
],
"title": "CVE-2019-6570"
}
]
}
ICSA-19-099-04
Vulnerability from csaf_cisa
Published
2019-04-09 00:00
Modified
2021-03-09 00:00
Summary
Siemens SINEMA Remote Connect (Update A)
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow an attacker to circumvent the system authorization for certain functionalities, and to execute privileged functions.
Critical infrastructure sectors
Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Additional Resources
Impact of libcurl vulnerabilities to other Siemens products:
- - Siemens Security Advisory SSA-936080
For more details regarding the libcurl vulnerability refer to:
- - Project curl Security Advisory "NTLM type-2 out-of-bounds buffer
read"
- - Project curl Security Advisory "NTLMv2 type-3 header stack buffer
overflow"
- - Project curl Security Advisory "SMTP end-of-response out-of-bounds
read"
For further inquiries on security vulnerabilities in Siemens products and
solutions, please contact the Siemens ProductCERT:
https://www.siemens.com/cert/advisories
Additional Resources
Impact of libcurl vulnerabilities to other Siemens products: - - Siemens Security Advisory SSA-936080 For more details regarding the libcurl vulnerability refer to: - - Project curl Security Advisory "NTLM type-2 out-of-bounds buffer read" - - Project curl Security Advisory "NTLMv2 type-3 header stack buffer overflow" - - Project curl Security Advisory "SMTP end-of-response out-of-bounds read" For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could allow an attacker to circumvent the system authorization for certain functionalities, and to execute privileged functions.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Impact of libcurl vulnerabilities to other Siemens products:\n\n- - Siemens Security Advisory SSA-936080\n\nFor more details regarding the libcurl vulnerability refer to:\n\n- - Project curl Security Advisory \"NTLM type-2 out-of-bounds buffer\n read\"\n\n- - Project curl Security Advisory \"NTLMv2 type-3 header stack buffer\n overflow\"\n\n- - Project curl Security Advisory \"SMTP end-of-response out-of-bounds\n read\"\n\nFor further inquiries on security vulnerabilities in Siemens products and \nsolutions, please contact the Siemens ProductCERT:\n\nhttps://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "general",
"text": "Impact of libcurl vulnerabilities to other Siemens products: - - Siemens Security Advisory SSA-936080 For more details regarding the libcurl vulnerability refer to: - - Project curl Security Advisory \"NTLM type-2 out-of-bounds buffer read\" - - Project curl Security Advisory \"NTLMv2 type-3 header stack buffer overflow\" - - Project curl Security Advisory \"SMTP end-of-response out-of-bounds read\" For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-19-099-04 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2019/icsa-19-099-04.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-19-099-04 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-19-099-04"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "SSA-496604: SSA-436177: Multiple Vulnerabilities in SINEMA Remote Connect - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/SSA-436177.txt"
}
],
"title": "Siemens SINEMA Remote Connect (Update A)",
"tracking": {
"current_release_date": "2021-03-09T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-19-099-04",
"initial_release_date": "2019-04-09T00:00:00.000000Z",
"revision_history": [
{
"date": "2019-04-09T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-19-099-04 Siemens SINEMA Remote Connect"
},
{
"date": "2021-03-09T00:00:00.000000Z",
"legacy_version": "A",
"number": "2",
"summary": "ICSA-19-099-04 Siemens SINEMA Remote Connect (Update A)"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V2.0 HF1",
"product": {
"name": "SINEMA Remote Connect Client: All versions \u003c V2.0 HF1",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "SINEMA Remote Connect Client"
},
{
"branches": [
{
"category": "product_version_range",
"name": "All versions \u003c V2.0",
"product": {
"name": "SINEMA Remote Connect Server: All versions \u003c V2.0",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "SINEMA Remote Connect Server"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14618",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "summary",
"text": "The libcurl library versions 7.15.4 to and including 7.61.0 are vulnerable to a buffer overrun. The flaw is caused by an improper calculation of the required buffer size in the Curl_ntlm_core_mk_nt_hash function of libcurl.",
"title": "Summary"
},
{
"category": "summary",
"text": "The security vulnerability could be exploited by an attacker providing a malicious HTTP server.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "https://support.industry.siemens.com/cs/de/en/view/109764829/",
"url": "https://support.industry.siemens.com/cs/de/en/view/109764829/"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14618"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Turn off SMTP to mitigate CVE-2019-3823",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/de/en/view/109764829/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2018-16890",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The libcurl library versions 7.34.0 to and including 7.63.0 are vulnerable to a heap buffer out-of-bounds read.",
"title": "Summary"
},
{
"category": "summary",
"text": "The security vulnerability could be exploited by an attacker providing a malicious HTTP server.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "https://support.industry.siemens.com/cs/de/en/view/109764829/",
"url": "https://support.industry.siemens.com/cs/de/en/view/109764829/"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-16890"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Turn off SMTP to mitigate CVE-2019-3823",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/de/en/view/109764829/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2019-3822",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "The libcurl library versions 7.34.0 to and including 7.63.0 are vulnerable to a stack-based buffer overflow.",
"title": "Summary"
},
{
"category": "summary",
"text": "The security vulnerability could be exploited by an attacker providing a malicious HTTP server.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "https://support.industry.siemens.com/cs/de/en/view/109764829/",
"url": "https://support.industry.siemens.com/cs/de/en/view/109764829/"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-3822"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Turn off SMTP to mitigate CVE-2019-3823",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/de/en/view/109764829/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2019-3823",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "The libcurl library versions 7.34.0 to and including 7.63.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP.",
"title": "Summary"
},
{
"category": "summary",
"text": "This vulnerability could allow an attacker to trigger a Denial-of-Service condition on the affected devices.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "https://support.industry.siemens.com/cs/de/en/view/109764829/",
"url": "https://support.industry.siemens.com/cs/de/en/view/109764829/"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-3823"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Turn off SMTP to mitigate CVE-2019-3823",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.0 HF1 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/de/en/view/109764829/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2019-6570",
"cwe": {
"id": "CWE-280",
"name": "Improper Handling of Insufficient Permissions or Privileges "
},
"notes": [
{
"category": "summary",
"text": "Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization.",
"title": "Summary"
},
{
"category": "summary",
"text": "An attacker must have access to a low privileged account in order to exploit the vulnerability.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"references": [
{
"category": "external",
"summary": "https://support.industry.siemens.com/cs/de/en/view/109764829/",
"url": "https://support.industry.siemens.com/cs/de/en/view/109764829/"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6570"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Turn off NTLM authentication to mitigate CVE-2018-16890 and\nCVE-2019-3822",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Turn off SMTP to mitigate CVE-2019-3823",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "vendor_fix",
"details": "Update to V2.0 - Download: https://support.industry.siemens.com/cs/de/en/view/109764829/ ",
"product_ids": [
"CSAFPID-0002"
],
"url": "https://support.industry.siemens.com/cs/de/en/view/109764829/"
},
{
"category": "mitigation",
"details": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
}
]
}
cnvd-2019-10133
Vulnerability from cnvd
Title
Siemens SINEMA未经授权访问漏洞
Description
Siemens是一家全球领先的科技企业,凭借电气化、自动化和数字化领域的创新,在发电和输配电、基础设施、工业自动化、驱动和软件等领域为客户提供解决方案的一家公司。
Siemens SINEMA存在未经授权访问漏洞,攻击者可以利用该漏洞获取未经授权的访问并执行未经授权的操作。
Severity
高
VLAI Severity ?
Patch Name
Siemens SINEMA未经授权访问漏洞的补丁
Patch Description
Siemens是一家全球领先的科技企业,凭借电气化、自动化和数字化领域的创新,在发电和输配电、基础设施、工业自动化、驱动和软件等领域为客户提供解决方案的一家公司。
Siemens SINEMA存在未经授权访问漏洞,攻击者可以利用该漏洞获取未经授权的访问并执行未经授权的操作。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,详情请关注厂商主页: https://www.siemens.com/
Reference
https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf
Impacted products
| Name | SIEMENS SINEMA Remote Connect Server <1.2 |
|---|
{
"bids": {
"bid": {
"bidNumber": "107843"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2019-6570"
}
},
"description": "Siemens\u662f\u4e00\u5bb6\u5168\u7403\u9886\u5148\u7684\u79d1\u6280\u4f01\u4e1a,\u51ed\u501f\u7535\u6c14\u5316\u3001\u81ea\u52a8\u5316\u548c\u6570\u5b57\u5316\u9886\u57df\u7684\u521b\u65b0,\u5728\u53d1\u7535\u548c\u8f93\u914d\u7535\u3001\u57fa\u7840\u8bbe\u65bd\u3001\u5de5\u4e1a\u81ea\u52a8\u5316\u3001\u9a71\u52a8\u548c\u8f6f\u4ef6\u7b49\u9886\u57df\u4e3a\u5ba2\u6237\u63d0\u4f9b\u89e3\u51b3\u65b9\u6848\u7684\u4e00\u5bb6\u516c\u53f8\u3002\n\nSiemens SINEMA\u5b58\u5728\u672a\u7ecf\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u672a\u7ecf\u6388\u6743\u7684\u8bbf\u95ee\u5e76\u6267\u884c\u672a\u7ecf\u6388\u6743\u7684\u64cd\u4f5c\u3002",
"discovererName": "Siemens",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttps://www.siemens.com/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-10133",
"openTime": "2019-04-17",
"patchDescription": "Siemens\u662f\u4e00\u5bb6\u5168\u7403\u9886\u5148\u7684\u79d1\u6280\u4f01\u4e1a,\u51ed\u501f\u7535\u6c14\u5316\u3001\u81ea\u52a8\u5316\u548c\u6570\u5b57\u5316\u9886\u57df\u7684\u521b\u65b0,\u5728\u53d1\u7535\u548c\u8f93\u914d\u7535\u3001\u57fa\u7840\u8bbe\u65bd\u3001\u5de5\u4e1a\u81ea\u52a8\u5316\u3001\u9a71\u52a8\u548c\u8f6f\u4ef6\u7b49\u9886\u57df\u4e3a\u5ba2\u6237\u63d0\u4f9b\u89e3\u51b3\u65b9\u6848\u7684\u4e00\u5bb6\u516c\u53f8\u3002\r\n\r\nSiemens SINEMA\u5b58\u5728\u672a\u7ecf\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u672a\u7ecf\u6388\u6743\u7684\u8bbf\u95ee\u5e76\u6267\u884c\u672a\u7ecf\u6388\u6743\u7684\u64cd\u4f5c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Siemens SINEMA\u672a\u7ecf\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "SIEMENS SINEMA Remote Connect Server \u003c1.2"
},
"referenceLink": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf",
"serverity": "\u9ad8",
"submitTime": "2019-04-12",
"title": "Siemens SINEMA\u672a\u7ecf\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e"
}
CERTFR-2019-AVI-151
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | SINAMICS G150 V4.6 toutes versions | ||
| Siemens | N/A | SINAMICS G150 V4.7 toutes versions | ||
| Siemens | N/A | SITOP PSU8600 toutes versions | ||
| Siemens | N/A | SIMATIC RF186C toutes versions | ||
| Siemens | N/A | SIMATIC Teleservice Adapter IE Standard toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU family toutes versions | ||
| Siemens | N/A | SIMATIC RF181-EIP toutes versions | ||
| Siemens | N/A | SINAMICS S150 V4.8 toutes versions antérieures à V4.8 HF6 | ||
| Siemens | N/A | SIMOCODE pro V PN toutes versions | ||
| Siemens | N/A | SINAMICS G150 V5.1 SP1 toutes versions antérieures à V5.1 SP1 HF4 | ||
| Siemens | N/A | SIMATIC S7-1500 Software Controller toutes versions V2.5 et postérieures | ||
| Siemens | N/A | SINAMICS S150 V4.7 toutes versions | ||
| Siemens | N/A | SIMATIC ET 200 Open Controller CPU 1515SPPC2 toutes versions | ||
| Siemens | N/A | SIMATIC CP343-1 Advanced toutes versions | ||
| Siemens | N/A | TeleControl Server Basic toutes versions | ||
| Siemens | N/A | TIM 1531 IRC toutes versions | ||
| Siemens | N/A | SIMATIC CP443-1 OPC UA toutes versions | ||
| Siemens | N/A | SIMATIC HMI Comfort Outdoor Panels 7" & 15" toutes versions | ||
| Siemens | N/A | SINAMICS S210 V5.1 SP1 toutes versions | ||
| Siemens | N/A | SINAMICS G130 V5.1 SP1 toutes versions antérieures à V5.1 SP1 HF4 | ||
| Siemens | N/A | SIMATIC Teleservice Adapter IE Basic toutes versions | ||
| Siemens | N/A | CP1616 toutes versions | ||
| Siemens | N/A | SINAMICS S120 V4.7 toutes versions | ||
| Siemens | N/A | SIMATIC WinCC Runtime Mobile toutes versions | ||
| Siemens | N/A | SINAMICS S120 V5.1 SP1 toutes versions antérieures à V5.1 SP1 HF4 | ||
| Siemens | N/A | SINAMICS G130 V4.8 toutes versions antérieures à V4.8 HF6 | ||
| Siemens | N/A | SIMATIC S7-300 CPU family toutes versions antérieures à V3.X.16 | ||
| Siemens | N/A | CP1604 toutes versions | ||
| Siemens | N/A | SINEMA Remote Connect Client toutes versions antérieures à V2.0 HF1 | ||
| Siemens | N/A | SITOP Manager toutes versions | ||
| Siemens | N/A | SINAMICS G150 V5.1 toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU family toutes versions V2.5 et postérieures | ||
| Siemens | N/A | SIMOCODE pro V EIP toutes versions antérieures à V1.0.2 | ||
| Siemens | N/A | SIMATIC CP443-1 Advanced toutes versions | ||
| Siemens | N/A | SINAMICS G150 V4.8 toutes versions antérieures à V4.8 HF6 | ||
| Siemens | N/A | SINEMA Remote Connect Server toutes versions antérieures à V2 | ||
| Siemens | N/A | SINAMICS G150 V4.7 SP1 toutes versions | ||
| Siemens | N/A | SIMATIC WinAC RTX 2010 toutes versions | ||
| Siemens | N/A | Spectrum Power 4 avec Web Office Portal | ||
| Siemens | N/A | SIMATIC HMI Comfort Panels 4" - 22" toutes versions | ||
| Siemens | N/A | SINAMICS S150 V5.1 SP1 toutes versions antérieures à V5.1 SP1 HF4 | ||
| Siemens | N/A | SINAMICS G130 V4.6 toutes versions | ||
| Siemens | N/A | SINAMICS S150 V4.7 SP1 toutes versions | ||
| Siemens | N/A | SIMATIC S7-PLCSIM Advanced toutes versions | ||
| Siemens | N/A | SIMATIC WinCC Runtime HSP Comfort toutes versions | ||
| Siemens | N/A | SIMOCODE pro V EIP toutes versions | ||
| Siemens | N/A | SIAMTIC RF185C toutes versions | ||
| Siemens | N/A | SIMATIC ET 200 SP Open Controller CPU1515SP PC2 toutes versions | ||
| Siemens | N/A | SIMATIC Teleservice Adapter IE Advanced toutes versions | ||
| Siemens | N/A | SIMATIC S7-400 PN/DP V7 (incl. F) toutes versions | ||
| Siemens | N/A | SIMATIC WinCC Runtime Advanced toutes versions | ||
| Siemens | N/A | SIMATIC IPC DiagMonitor toutes versions | ||
| Siemens | N/A | SINAMICS S120 V4.6 toutes versions | ||
| Siemens | N/A | SIMATIC WinCC OA toutes versions antérieures à V3.15-P018 | ||
| Siemens | N/A | SINAMICS S150 V4.6 toutes versions | ||
| Siemens | N/A | SIMATIC WinCC Runtime Comfort toutes versions | ||
| Siemens | N/A | SINAMICS G130 V4.7 toutes versions | ||
| Siemens | N/A | SINUMERIK OPC UA Server toutes versions antérieures à V2.1 | ||
| Siemens | N/A | SINAMICS G130 V4.7 SP1 toutes versions | ||
| Siemens | N/A | SIMATIC S7-400 PN (incl. F) V6 et antérieures toutes versions | ||
| Siemens | N/A | SINEMA Server toutes versions | ||
| Siemens | N/A | SINAMICS S120 V5.1 toutes versions | ||
| Siemens | N/A | SIMATIC RF188C toutes versions | ||
| Siemens | N/A | SITOP UPS1600 toutes versions | ||
| Siemens | N/A | SINAMICS S120 V4.8 toutes versions antérieures à V4.8 HF | ||
| Siemens | N/A | SIMATIC CP443-1 toutes versions | ||
| Siemens | N/A | SIMATIC ET 200 SP Open Controller CPU1515SP PC toutes versions antérieures à V2.1.6 | ||
| Siemens | N/A | SINAMICS S210 V5.1 toutes versions | ||
| Siemens | N/A | SINAMICS G130 V5.1 toutes versions | ||
| Siemens | N/A | RUGGEDCOM ROX II toutes versions antérieures à V2.13.0 | ||
| Siemens | N/A | SIMATIC NET PC Software toutes versions | ||
| Siemens | N/A | SINEC-NMS toutes versions | ||
| Siemens | N/A | SINAMICS S120 V4.7 SP1 toutes versions | ||
| Siemens | N/A | SIMATIC RF600R toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 Software Controller toutes versions | ||
| Siemens | N/A | SIMATIC HMI KTP Mobile Panels KTP400F,KTP700, KTP700F, KTP900 et KTP900F toutes versions | ||
| Siemens | N/A | SIMATIC RF182C toutes versions | ||
| Siemens | N/A | SINAMICS S150 V5.1 toutes versions |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SINAMICS G150 V4.6 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS G150 V4.7 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SITOP PSU8600 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF186C toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Teleservice Adapter IE Standard toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU family toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF181-EIP toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S150 V4.8 toutes versions ant\u00e9rieures \u00e0 V4.8 HF6",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMOCODE pro V PN toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS G150 V5.1 SP1 toutes versions ant\u00e9rieures \u00e0 V5.1 SP1 HF4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 Software Controller toutes versions V2.5 et post\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S150 V4.7 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200 Open Controller CPU 1515SPPC2 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP343-1 Advanced toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TeleControl Server Basic toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIM 1531 IRC toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP443-1 OPC UA toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S210 V5.1 SP1 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS G130 V5.1 SP1 toutes versions ant\u00e9rieures \u00e0 V5.1 SP1 HF4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Teleservice Adapter IE Basic toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "CP1616 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S120 V4.7 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC Runtime Mobile toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S120 V5.1 SP1 toutes versions ant\u00e9rieures \u00e0 V5.1 SP1 HF4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS G130 V4.8 toutes versions ant\u00e9rieures \u00e0 V4.8 HF6",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU family toutes versions ant\u00e9rieures \u00e0 V3.X.16",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "CP1604 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEMA Remote Connect Client toutes versions ant\u00e9rieures \u00e0 V2.0 HF1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SITOP Manager toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS G150 V5.1 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU family toutes versions V2.5 et post\u00e9rieures",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMOCODE pro V EIP toutes versions ant\u00e9rieures \u00e0 V1.0.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP443-1 Advanced toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS G150 V4.8 toutes versions ant\u00e9rieures \u00e0 V4.8 HF6",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEMA Remote Connect Server toutes versions ant\u00e9rieures \u00e0 V2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS G150 V4.7 SP1 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinAC RTX 2010 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Spectrum Power 4 avec Web Office Portal",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI Comfort Panels 4\" - 22\" toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S150 V5.1 SP1 toutes versions ant\u00e9rieures \u00e0 V5.1 SP1 HF4",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS G130 V4.6 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S150 V4.7 SP1 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-PLCSIM Advanced toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC Runtime HSP Comfort toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMOCODE pro V EIP toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIAMTIC RF185C toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200 SP Open Controller CPU1515SP PC2 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Teleservice Adapter IE Advanced toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 PN/DP V7 (incl. F) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC Runtime Advanced toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC DiagMonitor toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S120 V4.6 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC OA toutes versions ant\u00e9rieures \u00e0 V3.15-P018",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S150 V4.6 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC WinCC Runtime Comfort toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS G130 V4.7 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK OPC UA Server toutes versions ant\u00e9rieures \u00e0 V2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS G130 V4.7 SP1 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 PN (incl. F) V6 et ant\u00e9rieures toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEMA Server toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S120 V5.1 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF188C toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SITOP UPS1600 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S120 V4.8 toutes versions ant\u00e9rieures \u00e0 V4.8 HF",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP443-1 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200 SP Open Controller CPU1515SP PC toutes versions ant\u00e9rieures \u00e0 V2.1.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S210 V5.1 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS G130 V5.1 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM ROX II toutes versions ant\u00e9rieures \u00e0 V2.13.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC NET PC Software toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINEC-NMS toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S120 V4.7 SP1 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF600R toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 Software Controller toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC HMI KTP Mobile Panels KTP400F,KTP700, KTP700F, KTP900 et KTP900F toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC RF182C toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINAMICS S150 V5.1 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-6579",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6579"
},
{
"name": "CVE-2019-6575",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6575"
},
{
"name": "CVE-2019-6568",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6568"
},
{
"name": "CVE-2018-5380",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5380"
},
{
"name": "CVE-2017-12741",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12741"
},
{
"name": "CVE-2018-5381",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5381"
},
{
"name": "CVE-2018-14618",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14618"
},
{
"name": "CVE-2019-3822",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3822"
},
{
"name": "CVE-2018-5379",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5379"
},
{
"name": "CVE-2018-16890",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16890"
},
{
"name": "CVE-2019-6570",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6570"
}
],
"initial_release_date": "2019-04-09T00:00:00",
"last_revision_date": "2019-04-09T00:00:00",
"links": [],
"reference": "CERTFR-2019-AVI-151",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-04-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
"title": "SCADA Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-436177 du 09 avril 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-480230 du 09 avril 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-141614 du 09 avril 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-141614.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-324467 du 09 avril 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-324467.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-451142 du 09 avril 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451142.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens SSA-307392 du 09 avril 2019",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf"
}
]
}
var-201904-0175
Vulnerability from variot
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. An attacker must have access to a low privileged account in order to exploit the vulnerability. SINEMA Remote Connect Server Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens is a leading global technology company that provides solutions to customers in the areas of power generation and transmission and distribution, infrastructure, industrial automation, drive and software with innovation in electrification, automation and digital. Siemens SINEMA has an unauthorized access vulnerability that an attacker can use to gain unauthorized access and perform unauthorized actions. This may aid in further attacks. An attacker could use the vulnerability to compromise confidentiality, integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. The platform supports efficient and secure remote access to machines and equipment distributed around the world, as well as secure management of VPN tunnels between control centers, service engineers and installed equipment. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201904-0175",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sinema remote connect server",
"scope": "lt",
"trust": 1.8,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "sinema remote connect server",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "1.2"
},
{
"model": "sinema remote connect server",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "1.2"
},
{
"model": "sinema remote connect server",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sinema remote connect server",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "7372e208-26d9-4cfc-93cd-b8e76b594c46"
},
{
"db": "CNVD",
"id": "CNVD-2019-10133"
},
{
"db": "BID",
"id": "107843"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003470"
},
{
"db": "NVD",
"id": "CVE-2019-6570"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:siemens:sinema_remote_connect_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-003470"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens ProductCERT reported these vulnerabilities to NCCIC.,Siemens",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-466"
}
],
"trust": 0.6
},
"cve": "CVE-2019-6570",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2019-6570",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 9.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-10133",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 9.7,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "7372e208-26d9-4cfc-93cd-b8e76b594c46",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-158005",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-6570",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-6570",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-6570",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-6570",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-10133",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201904-466",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "7372e208-26d9-4cfc-93cd-b8e76b594c46",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-158005",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-6570",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7372e208-26d9-4cfc-93cd-b8e76b594c46"
},
{
"db": "CNVD",
"id": "CNVD-2019-10133"
},
{
"db": "VULHUB",
"id": "VHN-158005"
},
{
"db": "VULMON",
"id": "CVE-2019-6570"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003470"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-466"
},
{
"db": "NVD",
"id": "CVE-2019-6570"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. An attacker must have access to a low privileged account in order to exploit the vulnerability. SINEMA Remote Connect Server Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens is a leading global technology company that provides solutions to customers in the areas of power generation and transmission and distribution, infrastructure, industrial automation, drive and software with innovation in electrification, automation and digital. Siemens SINEMA has an unauthorized access vulnerability that an attacker can use to gain unauthorized access and perform unauthorized actions. This may aid in further attacks. An attacker could use the vulnerability to compromise confidentiality, integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. The platform supports efficient and secure remote access to machines and equipment distributed around the world, as well as secure management of VPN tunnels between control centers, service engineers and installed equipment. The vulnerability stems from the lack of effective permissions and access control measures in network systems or products",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-6570"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003470"
},
{
"db": "CNVD",
"id": "CNVD-2019-10133"
},
{
"db": "BID",
"id": "107843"
},
{
"db": "IVD",
"id": "7372e208-26d9-4cfc-93cd-b8e76b594c46"
},
{
"db": "VULHUB",
"id": "VHN-158005"
},
{
"db": "VULMON",
"id": "CVE-2019-6570"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-6570",
"trust": 3.7
},
{
"db": "SIEMENS",
"id": "SSA-436177",
"trust": 2.7
},
{
"db": "ICS CERT",
"id": "ICSA-19-099-04",
"trust": 1.8
},
{
"db": "BID",
"id": "107843",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201904-466",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2019-10133",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003470",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2019.1221",
"trust": 0.6
},
{
"db": "IVD",
"id": "7372E208-26D9-4CFC-93CD-B8E76B594C46",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-158005",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-6570",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7372e208-26d9-4cfc-93cd-b8e76b594c46"
},
{
"db": "CNVD",
"id": "CNVD-2019-10133"
},
{
"db": "VULHUB",
"id": "VHN-158005"
},
{
"db": "VULMON",
"id": "CVE-2019-6570"
},
{
"db": "BID",
"id": "107843"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003470"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-466"
},
{
"db": "NVD",
"id": "CVE-2019-6570"
}
]
},
"id": "VAR-201904-0175",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7372e208-26d9-4cfc-93cd-b8e76b594c46"
},
{
"db": "CNVD",
"id": "CNVD-2019-10133"
},
{
"db": "VULHUB",
"id": "VHN-158005"
}
],
"trust": 1.5003805
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "7372e208-26d9-4cfc-93cd-b8e76b594c46"
},
{
"db": "CNVD",
"id": "CNVD-2019-10133"
}
]
},
"last_update_date": "2024-11-23T21:18:59.392000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-436177",
"trust": 0.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"
},
{
"title": "Siemens SINEMA Unauthorized Access Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/158809"
},
{
"title": "Haxx libcurl Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91294"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=8a056bd2177d12192b11798b7ac3e013"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-10133"
},
{
"db": "VULMON",
"id": "CVE-2019-6570"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003470"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-466"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-863",
"trust": 1.1
},
{
"problemtype": "CWE-280",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-158005"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003470"
},
{
"db": "NVD",
"id": "CVE-2019-6570"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-6570"
},
{
"trust": 1.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-19-099-04"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6570"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-099-04"
},
{
"trust": 0.7,
"url": "https://www.securityfocus.com/bid/107843"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-19-099-04"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/78786"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/280.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-10133"
},
{
"db": "VULHUB",
"id": "VHN-158005"
},
{
"db": "VULMON",
"id": "CVE-2019-6570"
},
{
"db": "BID",
"id": "107843"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003470"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-466"
},
{
"db": "NVD",
"id": "CVE-2019-6570"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7372e208-26d9-4cfc-93cd-b8e76b594c46"
},
{
"db": "CNVD",
"id": "CNVD-2019-10133"
},
{
"db": "VULHUB",
"id": "VHN-158005"
},
{
"db": "VULMON",
"id": "CVE-2019-6570"
},
{
"db": "BID",
"id": "107843"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-003470"
},
{
"db": "CNNVD",
"id": "CNNVD-201904-466"
},
{
"db": "NVD",
"id": "CVE-2019-6570"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-04-17T00:00:00",
"db": "IVD",
"id": "7372e208-26d9-4cfc-93cd-b8e76b594c46"
},
{
"date": "2019-04-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-10133"
},
{
"date": "2019-04-17T00:00:00",
"db": "VULHUB",
"id": "VHN-158005"
},
{
"date": "2019-04-17T00:00:00",
"db": "VULMON",
"id": "CVE-2019-6570"
},
{
"date": "2019-04-09T00:00:00",
"db": "BID",
"id": "107843"
},
{
"date": "2019-05-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003470"
},
{
"date": "2019-04-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-466"
},
{
"date": "2019-04-17T14:29:03.730000",
"db": "NVD",
"id": "CVE-2019-6570"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-04-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-10133"
},
{
"date": "2020-10-06T00:00:00",
"db": "VULHUB",
"id": "VHN-158005"
},
{
"date": "2021-03-15T00:00:00",
"db": "VULMON",
"id": "CVE-2019-6570"
},
{
"date": "2019-04-09T00:00:00",
"db": "BID",
"id": "107843"
},
{
"date": "2019-07-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-003470"
},
{
"date": "2021-03-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201904-466"
},
{
"date": "2024-11-21T04:46:43.400000",
"db": "NVD",
"id": "CVE-2019-6570"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-466"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SINEMA Unauthorized Access Vulnerability",
"sources": [
{
"db": "IVD",
"id": "7372e208-26d9-4cfc-93cd-b8e76b594c46"
},
{
"db": "CNVD",
"id": "CNVD-2019-10133"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201904-466"
}
],
"trust": 0.6
}
}
gsd-2019-6570
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. An attacker must have access to a low privileged account in order to exploit the vulnerability.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-6570",
"description": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. An attacker must have access to a low privileged account in order to exploit the vulnerability.",
"id": "GSD-2019-6570"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-6570"
],
"details": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. An attacker must have access to a low privileged account in order to exploit the vulnerability.",
"id": "GSD-2019-6570",
"modified": "2023-12-13T01:23:49.760706Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2019-6570",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SINEMA Remote Connect Server",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.0"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. An attacker must have access to a low privileged account in order to exploit the vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-280: Improper Handling of Insufficient Permissions or Privileges "
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2019-6570"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A vulnerability has been identified in SINEMA Remote Connect Server (All versions \u003c V2.0). Due to insufficient checking of user permissions, an attacker may access URLs that require special authorization. An attacker must have access to a low privileged account in order to exploit the vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-280"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2021-03-15T18:15Z",
"publishedDate": "2019-04-17T14:29Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…