icsa-20-196-05
Vulnerability from csaf_cisa
Published
2020-07-14 00:00
Modified
2021-07-13 00:00
Summary
Siemens UMC Stack (Update H)

Notes

CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow an attacker to cause a partial denial-of-service condition on the UMC component of the affected devices under certain circumstances. This could also allow an attacker to locally escalate privileges from a user with administrative privileges to execute code with SYSTEM level privileges.
Critical infrastructure sectors
Critical Manufacturing
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take the following measures to protect themselves from social engineering attacks:
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Exploitability
No known public exploits specifically target these vulnerabilities.



{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Victor Fidalgo"
        ],
        "organization": "INCIBE",
        "summary": "reporting these vulnerabilities to Siemens"
      },
      {
        "names": [
          "Reid Wightman"
        ],
        "organization": "Dragos",
        "summary": "reporting these vulnerabilities to Siemens"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could allow an attacker to cause a partial denial-of-service condition on the UMC component of the affected devices under certain circumstances. This could also allow an attacker to locally escalate privileges from a user with administrative privileges to execute code with SYSTEM level privileges.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Critical Manufacturing",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take the following measures to protect themselves from social engineering attacks:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage onus-cert.cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SSA-841348: Multiple Vulnerabilities in the UMC Component - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-841348.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-20-196-05 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2020/icsa-20-196-05.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-20-196-05 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-20-196-05"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/ncas/tips/ST04-014"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-20-196-05"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B"
      },
      {
        "category": "external",
        "summary": "SSA-841348: Multiple Vulnerabilities in the UMC Component - PDF Version",
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
      },
      {
        "category": "external",
        "summary": "SSA-841348: Multiple Vulnerabilities in the UMC Component - TXT Version",
        "url": "https://cert-portal.siemens.com/productcert/txt/ssa-841348.txt"
      }
    ],
    "title": "Siemens UMC Stack (Update H)",
    "tracking": {
      "current_release_date": "2021-07-13T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-20-196-05",
      "initial_release_date": "2020-07-14T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2020-07-14T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-20-196-05 Siemens UMC Stack"
        },
        {
          "date": "2020-08-11T00:00:00.000000Z",
          "legacy_version": "A",
          "number": "2",
          "summary": "ICSA-20-196-05 Siemens UMC Stack (Update A)"
        },
        {
          "date": "2020-09-08T00:00:00.000000Z",
          "legacy_version": "B",
          "number": "3",
          "summary": "ICSA-20-196-05 Siemens UMC Stack (Update B)"
        },
        {
          "date": "2020-11-10T00:00:00.000000Z",
          "legacy_version": "C",
          "number": "4",
          "summary": "ICSA-20-196-05 Siemens UMC Stack (Update C)"
        },
        {
          "date": "2020-12-08T00:00:00.000000Z",
          "legacy_version": "D",
          "number": "5",
          "summary": "ICSA-20-196-05 Siemens UMC Stack (Update D)"
        },
        {
          "date": "2021-02-09T00:00:00.000000Z",
          "legacy_version": "E",
          "number": "6",
          "summary": "ICSA-20-196-05 Siemens UMC Stack (Update E)"
        },
        {
          "date": "2021-03-09T00:00:00.000000Z",
          "legacy_version": "F",
          "number": "7",
          "summary": "ICSA-20-196-05 Siemens UMC Stack (Update F)"
        },
        {
          "date": "2021-04-13T00:00:00.000000Z",
          "legacy_version": "G",
          "number": "8",
          "summary": "ICSA-20-196-05 Siemens UMC Stack (Update G)"
        },
        {
          "date": "2021-07-13T00:00:00.000000Z",
          "legacy_version": "H",
          "number": "9",
          "summary": "ICSA-20-196-05 Siemens UMC Stack (Update H)"
        }
      ],
      "status": "final",
      "version": "9"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V3.2",
                "product": {
                  "name": "Opcenter Execution Discrete",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "Opcenter Execution Discrete"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V3.2",
                "product": {
                  "name": "Opcenter Execution Foundation",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "Opcenter Execution Foundation"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V3.2",
                "product": {
                  "name": "Opcenter Execution Process",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "Opcenter Execution Process"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V3.3",
                "product": {
                  "name": "Opcenter Intelligence",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "Opcenter Intelligence"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V11.3",
                "product": {
                  "name": "Opcenter Quality",
                  "product_id": "CSAFPID-0005"
                }
              }
            ],
            "category": "product_name",
            "name": "Opcenter Quality"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "V8.0",
                "product": {
                  "name": "Opcenter RD\u0026L",
                  "product_id": "CSAFPID-0006"
                }
              }
            ],
            "category": "product_name",
            "name": "Opcenter RD\u0026L"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V2.6",
                "product": {
                  "name": "SIMATIC IT LMS",
                  "product_id": "CSAFPID-0007"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC IT LMS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V8.0",
                "product": {
                  "name": "SIMATIC IT Production Suite",
                  "product_id": "CSAFPID-0008"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC IT Production Suite"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SIMATIC Notifier Server for Windows",
                  "product_id": "CSAFPID-0009"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC Notifier Server for Windows"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V3.0 SP1",
                "product": {
                  "name": "SIMATIC PCS neo",
                  "product_id": "CSAFPID-00010"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC PCS neo"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V15.1 Update 5",
                "product": {
                  "name": "SIMATIC STEP 7 (TIA Portal) V15",
                  "product_id": "CSAFPID-00011"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC STEP 7 (TIA Portal) V15"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V16 Update 2",
                "product": {
                  "name": "SIMATIC STEP 7 (TIA Portal) V16",
                  "product_id": "CSAFPID-00012"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMATIC STEP 7 (TIA Portal) V16"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V15.1 Update 4",
                "product": {
                  "name": "SIMOCODE ES V15.1",
                  "product_id": "CSAFPID-00013"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMOCODE ES V15.1"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V16 Update 1",
                "product": {
                  "name": "SIMOCODE ES V16",
                  "product_id": "CSAFPID-00014"
                }
              }
            ],
            "category": "product_name",
            "name": "SIMOCODE ES V16"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V15.1 Update 3",
                "product": {
                  "name": "Soft Starter ES V15.1",
                  "product_id": "CSAFPID-00015"
                }
              }
            ],
            "category": "product_name",
            "name": "Soft Starter ES V15.1"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c V16 Update 1",
                "product": {
                  "name": "Soft Starter ES V16",
                  "product_id": "CSAFPID-00016"
                }
              }
            ],
            "category": "product_name",
            "name": "Soft Starter ES V16"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-7581",
      "cwe": {
        "id": "CWE-428",
        "name": "Unquoted Search Path or Element"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A component within the affected application calls a helper binary with SYSTEM privileges during startup while the call path is not quoted. This could allow a local attacker with administrative privileges to execute code with SYSTEM level privileges.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0009",
          "CSAFPID-00010",
          "CSAFPID-00011",
          "CSAFPID-00012",
          "CSAFPID-00013",
          "CSAFPID-00014",
          "CSAFPID-00015",
          "CSAFPID-00016"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7581"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Have the software running on systems within trusted networks",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016"
          ]
        },
        {
          "category": "mitigation",
          "details": "CVE-2020-7581: Make sure that there is no executable at the following\nlocations: C:\\Program.exe, C:\\Program Files\\Common.exe, or\nC:\\Program Files\\Common Files\\Siemens\\Automation\\Simatic.exe",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016"
          ]
        },
        {
          "category": "no_fix_planned",
          "details": "Currently no fix is planned",
          "product_ids": [
            "CSAFPID-0009"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V16 Update 2 or later version",
          "product_ids": [
            "CSAFPID-00012"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109775861/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.0 SP1 or later version. To obtain SIMATIC PCS neo contact your local support.",
          "product_ids": [
            "CSAFPID-00010"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V15.1 Update 5 or later version",
          "product_ids": [
            "CSAFPID-00011"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109763890/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.2 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.sw.siemens.com/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V8.1 or later version",
          "product_ids": [
            "CSAFPID-0006"
          ],
          "url": "https://support.sw.siemens.com/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V11.3 or later version",
          "product_ids": [
            "CSAFPID-0005"
          ],
          "url": "https://support.sw.siemens.com/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.3 or later version",
          "product_ids": [
            "CSAFPID-0004"
          ],
          "url": "https://support.sw.siemens.com/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V15 Update 4 or later version",
          "product_ids": [
            "CSAFPID-00013"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109768994/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V16 Update 1 or later version",
          "product_ids": [
            "CSAFPID-00014"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109781888/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V15 Update 3 or later version",
          "product_ids": [
            "CSAFPID-00015"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109769017/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V16 Update 1 or later version",
          "product_ids": [
            "CSAFPID-00016"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109771657/"
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016"
          ]
        }
      ],
      "title": "CVE-2020-7581"
    },
    {
      "cve": "CVE-2020-7587",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Sending multiple specially crafted packets to the affected service could\r\ncause a partial remote denial-of-service, that would cause the service\r\nto restart itself.\r\n\r\nOn some cases the vulnerability could leak random information from the\r\nremote service.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-00010",
          "CSAFPID-00011",
          "CSAFPID-00012",
          "CSAFPID-00013",
          "CSAFPID-00014",
          "CSAFPID-00015",
          "CSAFPID-00016"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7587"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Have the software running on systems within trusted networks",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016"
          ]
        },
        {
          "category": "no_fix_planned",
          "details": "Currently no fix is planned",
          "product_ids": [
            "CSAFPID-0009"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V16 Update 2 or later version",
          "product_ids": [
            "CSAFPID-00012"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109775861/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.0 SP1 or later version. To obtain SIMATIC PCS neo contact your local support.",
          "product_ids": [
            "CSAFPID-00010"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V15.1 Update 5 or later version",
          "product_ids": [
            "CSAFPID-00011"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109763890/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.2 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.sw.siemens.com/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V8.1 or later version",
          "product_ids": [
            "CSAFPID-0006"
          ],
          "url": "https://support.sw.siemens.com/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V11.3 or later version",
          "product_ids": [
            "CSAFPID-0005"
          ],
          "url": "https://support.sw.siemens.com/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.3 or later version",
          "product_ids": [
            "CSAFPID-0004"
          ],
          "url": "https://support.sw.siemens.com/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V2.6 or later version",
          "product_ids": [
            "CSAFPID-0007"
          ],
          "url": "https://support.sw.siemens.com/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V8.0 or later version",
          "product_ids": [
            "CSAFPID-0008"
          ],
          "url": "https://support.sw.siemens.com/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V15 Update 4 or later version",
          "product_ids": [
            "CSAFPID-00013"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109768994/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V16 Update 1 or later version",
          "product_ids": [
            "CSAFPID-00014"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109781888/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V15 Update 3 or later version",
          "product_ids": [
            "CSAFPID-00015"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109769017/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V16 Update 1 or later version",
          "product_ids": [
            "CSAFPID-00016"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109771657/"
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016"
          ]
        }
      ],
      "title": "CVE-2020-7587"
    },
    {
      "cve": "CVE-2020-7588",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Sending a specially crafted packet to the affected service could cause a\r\npartial remote denial-of-service, that would cause the service to restart\r\nitself.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0007",
          "CSAFPID-0008",
          "CSAFPID-0009",
          "CSAFPID-00010",
          "CSAFPID-00011",
          "CSAFPID-00012",
          "CSAFPID-00013",
          "CSAFPID-00014",
          "CSAFPID-00015",
          "CSAFPID-00016"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7588"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Have the software running on systems within trusted networks",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016"
          ]
        },
        {
          "category": "no_fix_planned",
          "details": "Currently no fix is planned",
          "product_ids": [
            "CSAFPID-0009"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V16 Update 2 or later version",
          "product_ids": [
            "CSAFPID-00012"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109775861/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.0 SP1 or later version. To obtain SIMATIC PCS neo contact your local support.",
          "product_ids": [
            "CSAFPID-00010"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to V15.1 Update 5 or later version",
          "product_ids": [
            "CSAFPID-00011"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109763890/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.2 or later version",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://support.sw.siemens.com/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V8.1 or later version",
          "product_ids": [
            "CSAFPID-0006"
          ],
          "url": "https://support.sw.siemens.com/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V11.3 or later version",
          "product_ids": [
            "CSAFPID-0005"
          ],
          "url": "https://support.sw.siemens.com/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V3.3 or later version",
          "product_ids": [
            "CSAFPID-0004"
          ],
          "url": "https://support.sw.siemens.com/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V2.6 or later version",
          "product_ids": [
            "CSAFPID-0007"
          ],
          "url": "https://support.sw.siemens.com/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V8.0 or later version",
          "product_ids": [
            "CSAFPID-0008"
          ],
          "url": "https://support.sw.siemens.com/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V15 Update 4 or later version",
          "product_ids": [
            "CSAFPID-00013"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109768994/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V16 Update 1 or later version",
          "product_ids": [
            "CSAFPID-00014"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109781888/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V15 Update 3 or later version",
          "product_ids": [
            "CSAFPID-00015"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109769017/"
        },
        {
          "category": "vendor_fix",
          "details": "Update to V16 Update 1 or later version",
          "product_ids": [
            "CSAFPID-00016"
          ],
          "url": "https://support.industry.siemens.com/cs/ww/en/view/109771657/"
        },
        {
          "category": "mitigation",
          "details": "As a general security measure, Siemens strongly recommends to protect\nnetwork access to devices with appropriate mechanisms. In order to\noperate the devices in a protected IT environment, Siemens recommends\nto configure the environment according to Siemens\u0027 operational\nguidelines for Industrial Security (Download:\nhttps://www.siemens.com/cert/operational-guidelines-industrial-\nsecurity), and to follow the recommendations in the product manuals.\n\nAdditional information on Industrial Security by Siemens can be found\nat: https://www.siemens.com/industrialsecurity",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0007",
            "CSAFPID-0008",
            "CSAFPID-0009",
            "CSAFPID-00010",
            "CSAFPID-00011",
            "CSAFPID-00012",
            "CSAFPID-00013",
            "CSAFPID-00014",
            "CSAFPID-00015",
            "CSAFPID-00016"
          ]
        }
      ],
      "title": "CVE-2020-7588"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.