var-201904-0176
Vulnerability from variot

A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V2.7), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions < V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions < V1.1.0), SIMATIC RF600R family (All versions < V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.5 < V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions < V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Upd 4), SINEC NMS (All versions < V1.0 SP1), SINEMA Server (All versions < V14 SP2), SINUMERIK OPC UA Server (All versions < V2.1), TeleControl Server Basic (All versions < V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication. plural Siemens The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Siemens is a leading global technology company that provides solutions to customers in the areas of power generation and transmission and distribution, infrastructure, industrial automation, drive and software with innovation in electrification, automation and digital. Siemens has a denial of service vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens SIMATIC S7-1500 CPU, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 CPU is a CPU (central processing unit) module. SIMATIC S7-1500 is a programmable logic controller. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. The vulnerability stems from the failure of the network system or product to properly validate the input data

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201904-0176",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic net pc software",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf188c",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic rf600r",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic ipc diagmonitor",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic s7-1500t",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.5"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi comfort outdoor panels",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic et 200 open controller cpu 1515sp pc2",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.7"
      },
      {
        "model": "simatic rf188c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic wincc oa",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.15-p018"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic ipc diagmonitor",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic wincc runtime mobile",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic s7-1500s",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.5"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp900",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "sinec-nms",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.0"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic cp443-1 opc ua",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic rf600r",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic s7-1500",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.5"
      },
      {
        "model": "sinec-nms",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.0"
      },
      {
        "model": "simatic s7-1500f",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.5"
      },
      {
        "model": "sinema server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic net pc software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinumerik opc ua server",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.1"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp400f",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "simatic wincc runtime comfort",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "opc unified architecture",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic s7-1500 software controller",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.5"
      },
      {
        "model": "simatic hmi ktp mobile panels ktp700f",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.1"
      },
      {
        "model": "telecontrol server basic",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.1.1"
      },
      {
        "model": "simatic wincc runtime hsp comfort",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic cp 443-1 opc-ua",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et 200 open controller cpu 1515sp pc2",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 software controller",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc oa",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic s7-1500 cpu family",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "\u003c=v2.5"
      },
      {
        "model": "simatic s7-1500 software controller",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "\u003c=v2.5"
      },
      {
        "model": "simatic wincc oa \u003cv3.15-p018",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinema server",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinumerik opc ua server",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v2.1"
      },
      {
        "model": "telecontrol server basics",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime comfort",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime mobile",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinec-nms",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic cp443-1 opc ua",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic et200 open controller cpu 1515sp pc2",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime hsp comfort",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "telecontrol server basic",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.1"
      },
      {
        "model": "telecontrol server basic sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "telecontrol server basic",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "sinumerik opc ua server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinema server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "sinec-nms",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc runtime mobile",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc runtime hsp comfort",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc runtime comfort",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc oa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.15"
      },
      {
        "model": "simatic wincc oa 3.14-p021",
        "scope": null,
        "trust": 0.3,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc oa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.14"
      },
      {
        "model": "simatic wincc oa p002",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.12"
      },
      {
        "model": "simatic wincc oa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "3.12"
      },
      {
        "model": "simatic s7-1500 software controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1.7"
      },
      {
        "model": "simatic s7-1500 software controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2.5"
      },
      {
        "model": "simatic s7-1500 software controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2.0"
      },
      {
        "model": "simatic s7-1500",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1.8.5"
      },
      {
        "model": "simatic s7-1500",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1.8.3"
      },
      {
        "model": "simatic s7-1500",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1.7"
      },
      {
        "model": "simatic s7-1500",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2.5"
      },
      {
        "model": "simatic s7-1500",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2.0"
      },
      {
        "model": "simatic s7-1500",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1.6"
      },
      {
        "model": "simatic s7-1500",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "1.5.0"
      },
      {
        "model": "simatic rf600r",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic rf188c",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic net pc software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic ipc diagmonitor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic et200 open controller cpu 1515sp pc2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic cp opc ua",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "443-10"
      },
      {
        "model": "sinumerik opc ua server",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "2.1"
      },
      {
        "model": "simatic wincc oa 3.15-p018",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic cp443 1 opc ua",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500s",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500t",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic et 200 open controller cpu 1515sp pc2",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic ipc diagmonitor",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic net pc",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic rf188c",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic rf600r",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500 controller",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc oa",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc runtime advanced",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc runtime comfort",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc runtime hsp comfort",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc runtime mobile",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinec nms",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinema server",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "sinumerik opc ua server",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "telecontrol server basic",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic s7 1500f",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-12905"
      },
      {
        "db": "BID",
        "id": "107833"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003488"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6575"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_cp_443-1_std_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_et_200_open_controller_cpu_1515sp_pc2_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_ipc_diagmonitor_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_net_pc-software",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_rf188c_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_rf600r_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_software_controller_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:siemens:simatic_s7-1500_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_open_architecture",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:wincc_runtime_advanced",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003488"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens,Siemens ProductCERT reported this vulnerability to NCCIC.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-462"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-6575",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2019-6575",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2019-12905",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-158010",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2019-6575",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2019-6575",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-6575",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-6575",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-12905",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201904-462",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-158010",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2019-6575",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-12905"
      },
      {
        "db": "VULHUB",
        "id": "VHN-158010"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-6575"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003488"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-462"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6575"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V2.7), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions \u003c V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions \u003c V1.1.0), SIMATIC RF600R family (All versions \u003c V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.5 \u003c V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions \u003c V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Upd 4), SINEC NMS (All versions \u003c V1.0 SP1), SINEMA Server (All versions \u003c V14 SP2), SINUMERIK OPC UA Server (All versions \u003c V2.1), TeleControl Server Basic (All versions \u003c V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication. plural Siemens The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Siemens is a leading global technology company that provides solutions to customers in the areas of power generation and transmission and distribution, infrastructure, industrial automation, drive and software with innovation in electrification, automation and digital. Siemens has a denial of service vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens SIMATIC S7-1500 CPU, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 CPU is a CPU (central processing unit) module. SIMATIC S7-1500 is a programmable logic controller. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. The vulnerability stems from the failure of the network system or product to properly validate the input data",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-6575"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003488"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-12905"
      },
      {
        "db": "BID",
        "id": "107833"
      },
      {
        "db": "IVD",
        "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc"
      },
      {
        "db": "VULHUB",
        "id": "VHN-158010"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-6575"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-6575",
        "trust": 3.7
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-099-03",
        "trust": 2.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-307392",
        "trust": 1.8
      },
      {
        "db": "BID",
        "id": "107833",
        "trust": 1.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-462",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-12905",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003488",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1205",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "B72B932A-FFE5-40C4-80A7-5E3F71B449FC",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-158010",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-6575",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-12905"
      },
      {
        "db": "VULHUB",
        "id": "VHN-158010"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-6575"
      },
      {
        "db": "BID",
        "id": "107833"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003488"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-462"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6575"
      }
    ]
  },
  "id": "VAR-201904-0176",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-12905"
      },
      {
        "db": "VULHUB",
        "id": "VHN-158010"
      }
    ],
    "trust": 1.5723463029411764
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS",
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      },
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.2
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-12905"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:45:04.929000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-307392",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf"
      },
      {
        "title": "SiemensIndustrialProductswithOPCUA denial of service vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/160239"
      },
      {
        "title": "Siemens OPC UA Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91290"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=f300e0ed579e6a7eeebba4d6b8703ede"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-12905"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-6575"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003488"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-462"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-755",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-248",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-20",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-158010"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003488"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6575"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-099-03"
      },
      {
        "trust": 1.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-6575"
      },
      {
        "trust": 0.9,
        "url": "http://www.siemens.com/"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6575"
      },
      {
        "trust": 0.7,
        "url": "https://www.securityfocus.com/bid/107833"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/siemens-simatic-denial-of-service-via-opc-ua-4840-tcp-28974"
      },
      {
        "trust": 0.6,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-099-03"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/78742"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/755.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-19-099-03"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-12905"
      },
      {
        "db": "VULHUB",
        "id": "VHN-158010"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-6575"
      },
      {
        "db": "BID",
        "id": "107833"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003488"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-462"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6575"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-12905"
      },
      {
        "db": "VULHUB",
        "id": "VHN-158010"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-6575"
      },
      {
        "db": "BID",
        "id": "107833"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-003488"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-462"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-6575"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-05T00:00:00",
        "db": "IVD",
        "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc"
      },
      {
        "date": "2019-05-05T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-12905"
      },
      {
        "date": "2019-04-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-158010"
      },
      {
        "date": "2019-04-17T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-6575"
      },
      {
        "date": "2019-04-09T00:00:00",
        "db": "BID",
        "id": "107833"
      },
      {
        "date": "2019-05-17T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-003488"
      },
      {
        "date": "2019-04-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201904-462"
      },
      {
        "date": "2019-04-17T14:29:03.760000",
        "db": "NVD",
        "id": "CVE-2019-6575"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-07T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-12905"
      },
      {
        "date": "2020-10-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-158010"
      },
      {
        "date": "2022-04-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-6575"
      },
      {
        "date": "2019-04-09T00:00:00",
        "db": "BID",
        "id": "107833"
      },
      {
        "date": "2019-05-17T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-003488"
      },
      {
        "date": "2022-08-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201904-462"
      },
      {
        "date": "2024-11-21T04:46:43.960000",
        "db": "NVD",
        "id": "CVE-2019-6575"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-462"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens Industrial Products with OPC UA Denial of service vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-12905"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input validation error",
    "sources": [
      {
        "db": "IVD",
        "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201904-462"
      }
    ],
    "trust": 0.8
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.