var-201905-1322
Vulnerability from variot

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An attacker with access to the project file could run arbitrary system commands with the privileges of the local database server. The vulnerability could be exploited by an attacker with access to the project file. The vulnerability does impact the confidentiality, integrity, and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. An input validation error vulnerability exists in Siemens SIMATIC PCS 7 and SIMATIC WinCC that was caused by a network system or product that did not properly validate the input data and could be exploited by an attacker to access project files. Siemens SIMATIC products are prone to following security vulnerabilities: 1. A denial-of-service vulnerability 2. An SQL injection vulnerability3. 3. An arbitrary command execution Exploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. The following Siemens SIMATIC products are affected: SIMATIC PCS 7 version 8.0 and prior SIMATIC PCS 7 version 8.1 SIMATIC PCS 7 version 8.2 SIMATIC PCS 7 version 9.0 SIMATIC WinCC (TIA Portal) version 13 SIMATIC WinCC (TIA Portal) version 14 SIMATIC WinCC (TIA Portal) version 15 SIMATIC WinCC Runtime Professional, all version SIMATIC WinCC version 7.2 and prior SIMATIC WinCC version 7.3 SIMATIC WinCC version 7.4 SIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201905-1322",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 1.4,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "siemens",
        "version": "7.3"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13.0"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "14.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.2"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.0"
      },
      {
        "model": "simatic wincc \\",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "15.0"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "8.1"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "9.0"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v13"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v14"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "siemens",
        "version": "v15"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.1.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.3.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.5 upd3"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "13.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "14.x"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic pcs 7",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.0 and earlier"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "8.2.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.4.x"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "15.x"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "7.2 and earlier"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "9.0.x"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v8.1"
      },
      {
        "model": "simatic wincc",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "\u003c=7.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v9.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.3"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.4"
      },
      {
        "model": "simatic wincc upd3",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.5.*\u003cv7.5"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.2"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.0"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "6.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "79.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.2"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "78.0"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "77"
      },
      {
        "model": "simatic wincc update",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "siemens",
        "version": "7.53"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "8.1"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "8.2"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic pcs 7",
        "version": "9.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.3"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.4"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc",
        "version": "7.5"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "13.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "14.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc tia portal",
        "version": "15.0"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.2,
        "vendor": "simatic wincc runtime professional",
        "version": "*"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5e23f13f-8869-4704-a7f2-72babe1680f8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10916"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_pcs_7",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_%28tia_portal%29",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:siemens:simatic_wincc_runtime_professional",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vladimir Dashchenko and Sergey Temnikov from Kaspersky Lab, and ChengBin Wang from Guoli Security Technology, and ChengBin Wang from Guoli Security Technology reported these vulnerabilities to Siemens., CNCERT/CC",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-597"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-10916",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "CVE-2019-10916",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "CNVD-2019-14938",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "IVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "5e23f13f-8869-4704-a7f2-72babe1680f8",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "VHN-142510",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2019-10916",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 8.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2019-10916",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-10916",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-10916",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-14938",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201905-597",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "5e23f13f-8869-4704-a7f2-72babe1680f8",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-142510",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5e23f13f-8869-4704-a7f2-72babe1680f8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142510"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-597"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10916"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions \u003c V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions \u003c V7.5 Upd 3). An attacker with access to the project file could run arbitrary system commands with the privileges of the local database server. The vulnerability could be exploited by an attacker with access to the project file. The vulnerability does impact the confidentiality, integrity, and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known. plural SIMATIC The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC PCS 7 and SIMATIC WinCC are products of Siemens AG, Germany. SIMATIC PCS 7 is a process control system. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. An input validation error vulnerability exists in Siemens SIMATIC PCS 7 and SIMATIC WinCC that was caused by a network system or product that did not properly validate the input data and could be exploited by an attacker to access project files. Siemens SIMATIC products are prone to following security vulnerabilities:\n1. A denial-of-service vulnerability\n2. An SQL injection vulnerability3. \n3. An arbitrary command execution\nExploiting these vulnerabilities could allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, bypass security restrictions, or execute arbitrary code or cause a denial of service condition. \nThe following Siemens SIMATIC products are affected:\nSIMATIC PCS 7 version 8.0 and prior\nSIMATIC PCS 7 version 8.1\nSIMATIC PCS 7 version 8.2\nSIMATIC PCS 7 version 9.0\nSIMATIC WinCC (TIA Portal) version 13\nSIMATIC WinCC (TIA Portal) version 14\nSIMATIC WinCC (TIA Portal) version 15\nSIMATIC WinCC Runtime Professional, all version\nSIMATIC WinCC version 7.2 and prior\nSIMATIC WinCC version 7.3\nSIMATIC WinCC version 7.4\nSIMATIC WinCC version 7.5, all version prior to version 7.5 Update 3",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-10916"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "IVD",
        "id": "5e23f13f-8869-4704-a7f2-72babe1680f8"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142510"
      }
    ],
    "trust": 2.7
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-10916",
        "trust": 3.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-08",
        "trust": 3.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-697412",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-597",
        "trust": 0.9
      },
      {
        "db": "BID",
        "id": "108404",
        "trust": 0.9
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14938",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-19-134-02",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1716.2",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "5E23F13F-8869-4704-A7F2-72BABE1680F8",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-142510",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5e23f13f-8869-4704-a7f2-72babe1680f8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142510"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-597"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10916"
      }
    ]
  },
  "id": "VAR-201905-1322",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "5e23f13f-8869-4704-a7f2-72babe1680f8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142510"
      }
    ],
    "trust": 1.5496564849999999
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "5e23f13f-8869-4704-a7f2-72babe1680f8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:37:16.618000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-697412",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf"
      },
      {
        "title": "Patch for Siemens SIMATIC PCS 7 and SIMATIC WinCC Input Validation Error Vulnerability (NVD-C-2019-65203)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/161835"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-89",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-20",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142510"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10916"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-19-134-08"
      },
      {
        "trust": 1.7,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf"
      },
      {
        "trust": 1.5,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-08"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10916"
      },
      {
        "trust": 1.2,
        "url": "http://www.securityfocus.com/bid/108404"
      },
      {
        "trust": 0.9,
        "url": "http://subscriber.communications.siemens.com/"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10916"
      },
      {
        "trust": 0.6,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-134-02-0"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/80946"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/simatic-wincc-multiple-vulnerabilities-29286"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142510"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-597"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10916"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "5e23f13f-8869-4704-a7f2-72babe1680f8"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142510"
      },
      {
        "db": "BID",
        "id": "108404"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-597"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-10916"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-21T00:00:00",
        "db": "IVD",
        "id": "5e23f13f-8869-4704-a7f2-72babe1680f8"
      },
      {
        "date": "2019-05-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142510"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "BID",
        "id": "108404"
      },
      {
        "date": "2019-06-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      },
      {
        "date": "2019-05-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-597"
      },
      {
        "date": "2019-05-14T20:29:02.293000",
        "db": "NVD",
        "id": "CVE-2019-10916"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-05-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-14938"
      },
      {
        "date": "2019-10-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142510"
      },
      {
        "date": "2019-05-22T06:00:00",
        "db": "BID",
        "id": "108404"
      },
      {
        "date": "2019-07-08T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      },
      {
        "date": "2022-03-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201905-597"
      },
      {
        "date": "2024-11-21T04:20:08.653000",
        "db": "NVD",
        "id": "CVE-2019-10916"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-597"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  SIMATIC Vulnerability related to input validation in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-004566"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SQL injection",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201905-597"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.