Vulnerabilites related to siemens - simatic_wincc
cve-2021-40360
Vulnerability from cvelistv5
Published
2022-02-09 15:17
Modified
2024-08-04 02:44
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). The password hash of a local user account in the remote server could be granted via public API to a user on the affected system. An authenticated attacker could brute force the password hash and use it to login to the server.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC PCS 7 V8.2 |
Version: All versions |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T02:44:09.157Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC PCS 7 V8.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS 7 V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS 7 V9.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.1 SP1", }, ], }, { product: "SIMATIC WinCC V15 and earlier", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15 SP1 Update 7", }, ], }, { product: "SIMATIC WinCC V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 5", }, ], }, { product: "SIMATIC WinCC V17", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V17 Update 2", }, ], }, { product: "SIMATIC WinCC V7.4", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.4 SP1 Update 19", }, ], }, { product: "SIMATIC WinCC V7.5", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.5 SP2 Update 6", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). The password hash of a local user account in the remote server could be granted via public API to a user on the affected system. An authenticated attacker could brute force the password hash and use it to login to the server.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-10T09:46:42", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2021-40360", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC PCS 7 V8.2", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS 7 V9.0", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS 7 V9.1", version: { version_data: [ { version_value: "All versions < V9.1 SP1", }, ], }, }, { product_name: "SIMATIC WinCC V15 and earlier", version: { version_data: [ { version_value: "All versions < V15 SP1 Update 7", }, ], }, }, { product_name: "SIMATIC WinCC V16", version: { version_data: [ { version_value: "All versions < V16 Update 5", }, ], }, }, { product_name: "SIMATIC WinCC V17", version: { version_data: [ { version_value: "All versions < V17 Update 2", }, ], }, }, { product_name: "SIMATIC WinCC V7.4", version: { version_data: [ { version_value: "All versions < V7.4 SP1 Update 19", }, ], }, }, { product_name: "SIMATIC WinCC V7.5", version: { version_data: [ { version_value: "All versions < V7.5 SP2 Update 6", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). The password hash of a local user account in the remote server could be granted via public API to a user on the affected system. An authenticated attacker could brute force the password hash and use it to login to the server.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-40360", datePublished: "2022-02-09T15:17:03", dateReserved: "2021-09-01T00:00:00", dateUpdated: "2024-08-04T02:44:09.157Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-8552
Vulnerability from cvelistv5
Published
2014-11-26 11:00
Modified
2024-08-06 13:18
Severity ?
EPSS score ?
Summary
The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to read arbitrary files via crafted packets.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:18:48.641Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-11-21T00:00:00", descriptions: [ { lang: "en", value: "The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to read arbitrary files via crafted packets.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2014-11-26T06:57:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-8552", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to read arbitrary files via crafted packets.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf", refsource: "CONFIRM", url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-8552", datePublished: "2014-11-26T11:00:00", dateReserved: "2014-10-30T00:00:00", dateUpdated: "2024-08-06T13:18:48.641Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-28829
Vulnerability from cvelistv5
Published
2023-06-13 08:17
Modified
2025-01-03 01:52
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC (All versions < V8.0), SINAUT Software ST7sc (All versions). Before SIMATIC WinCC V8, legacy OPC services (OPC DA (Data Access), OPC HDA (Historical Data Access), and OPC AE (Alarms & Events)) were used per default. These
services were designed on top of the Windows ActiveX and DCOM mechanisms and do not implement state-of-the-art security mechanisms for authentication and encryption of contents.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC NET PC Software V14 |
Version: All versions |
|||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T13:51:38.624Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-508677.pdf", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-28829", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-03T01:45:58.400145Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-03T01:52:55.603Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC NET PC Software V14", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V15", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V8.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V9.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V8.0", }, ], }, { defaultStatus: "unknown", product: "SINAUT Software ST7sc", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC (All versions < V8.0), SINAUT Software ST7sc (All versions). Before SIMATIC WinCC V8, legacy OPC services (OPC DA (Data Access), OPC HDA (Historical Data Access), and OPC AE (Alarms & Events)) were used per default. These\r\nservices were designed on top of the Windows ActiveX and DCOM mechanisms and do not implement state-of-the-art security mechanisms for authentication and encryption of contents.", }, ], metrics: [ { cvssV3_1: { baseScore: 3.9, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-477", description: "CWE-477: Use of Obsolete Function", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-13T08:17:07.989Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-508677.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-28829", datePublished: "2023-06-13T08:17:07.989Z", dateReserved: "2023-03-24T15:17:29.558Z", dateUpdated: "2025-01-03T01:52:55.603Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-5743
Vulnerability from cvelistv5
Published
2016-07-22 15:00
Modified
2024-08-06 01:08
Severity ?
EPSS score ?
Summary
Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.2 Update 1 as distributed in SIMATIC PCS 7 8.2, and SIMATIC WinCC Runtime Professional before 13 SP1 Update 9 allow remote attackers to execute arbitrary code via crafted packets.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1036441 | vdb-entry, x_refsource_SECTRACK | |
| https://ics-cert.us-cert.gov/advisories/ICSA-16-208-01 | x_refsource_MISC | |
| http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/92112 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:08:00.812Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1036441", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036441", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-208-01", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf", }, { name: "92112", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/92112", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-07-22T00:00:00", descriptions: [ { lang: "en", value: "Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.2 Update 1 as distributed in SIMATIC PCS 7 8.2, and SIMATIC WinCC Runtime Professional before 13 SP1 Update 9 allow remote attackers to execute arbitrary code via crafted packets.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-11-25T20:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "1036441", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036441", }, { tags: [ "x_refsource_MISC", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-208-01", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf", }, { name: "92112", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/92112", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-5743", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.2 Update 1 as distributed in SIMATIC PCS 7 8.2, and SIMATIC WinCC Runtime Professional before 13 SP1 Update 9 allow remote attackers to execute arbitrary code via crafted packets.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1036441", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036441", }, { name: "https://ics-cert.us-cert.gov/advisories/ICSA-16-208-01", refsource: "MISC", url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-208-01", }, { name: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf", refsource: "CONFIRM", url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf", }, { name: "92112", refsource: "BID", url: "http://www.securityfocus.com/bid/92112", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-5743", datePublished: "2016-07-22T15:00:00", dateReserved: "2016-06-22T00:00:00", dateUpdated: "2024-08-06T01:08:00.812Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-48363
Vulnerability from cvelistv5
Published
2024-02-13 08:59
Modified
2024-09-10 09:36
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call)
communication protocol in the affected products do not
properly handle certain unorganized RPC messages. An
attacker could use this vulnerability to cause a denial of service
condition in the RPC server.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | OpenPCS 7 V9.1 |
Version: All versions < V9.1 SP2 UC05 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-48363", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-02-13T16:37:22.994141Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-05T17:21:43.194Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T21:30:34.556Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-753746.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "OpenPCS 7 V9.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.1 SP2 UC05", }, ], }, { defaultStatus: "unknown", product: "SIMATIC BATCH V9.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.1 SP2 UC05", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V9.1", vendor: "Siemens", versions: [ { lessThan: "V9.1 SP2 UC05", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Route Control V9.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.1 SP2 UC05", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V18", vendor: "Siemens", versions: [ { lessThan: "V18 Update 4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V19", vendor: "Siemens", versions: [ { lessThan: "V19 Update 2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.4", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.5", vendor: "Siemens", versions: [ { lessThan: "V7.5 SP2 Update 15", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V8.0", vendor: "Siemens", versions: [ { lessThan: "V8.0 Update 4", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call) \r\ncommunication protocol in the affected products do not \r\nproperly handle certain unorganized RPC messages. An \r\nattacker could use this vulnerability to cause a denial of service \r\ncondition in the RPC server.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476: NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-10T09:36:22.958Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/html/ssa-753746.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-48363", datePublished: "2024-02-13T08:59:55.432Z", dateReserved: "2023-11-15T17:20:32.751Z", dateUpdated: "2024-09-10T09:36:22.958Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-4832
Vulnerability from cvelistv5
Published
2018-04-24 17:00
Modified
2024-08-05 05:18
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions < V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions < V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions < V8.2 Upd10), SIMATIC BATCH V9.0 (All versions < V9.0 SP1), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions < 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions < WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions < WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf | x_refsource_MISC | |
| http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | OpenPCS 7 V7.1 and earlier |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T05:18:26.633Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "OpenPCS 7 V7.1 and earlier", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "OpenPCS 7 V8.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "OpenPCS 7 V8.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V8.1 Upd5", }, ], }, { product: "OpenPCS 7 V8.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "OpenPCS 7 V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.0 Upd1", }, ], }, { product: "SIMATIC BATCH V7.1 and earlier", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC BATCH V8.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V8.0 SP1 Upd21", }, ], }, { product: "SIMATIC BATCH V8.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V8.1 SP1 Upd16", }, ], }, { product: "SIMATIC BATCH V8.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V8.2 Upd10", }, ], }, { product: "SIMATIC BATCH V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.0 SP1", }, ], }, { product: "SIMATIC NET PC Software V14", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V14 SP1 Update 14", }, ], }, { product: "SIMATIC NET PC Software V15", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < 15 SP1", }, ], }, { product: "SIMATIC PCS 7 V7.1 and earlier", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS 7 V8.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS 7 V8.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS 7 V8.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V8.2 SP1", }, ], }, { product: "SIMATIC PCS 7 V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.0 SP1", }, ], }, { product: "SIMATIC Route Control V7.1 and earlier", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC Route Control V8.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC Route Control V8.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC Route Control V8.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC Route Control V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.0 Upd1", }, ], }, { product: "SIMATIC WinCC Runtime Professional V13", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V13 SP2 Upd2", }, ], }, { product: "SIMATIC WinCC Runtime Professional V14", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V14 SP1 Upd5", }, ], }, { product: "SIMATIC WinCC V7.2 and earlier", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < WinCC 7.2 Upd 15", }, ], }, { product: "SIMATIC WinCC V7.3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < WinCC 7.3 Upd 16", }, ], }, { product: "SIMATIC WinCC V7.4", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.4 SP1 Upd 4", }, ], }, { product: "SPPA-T3000 Application Server", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < Service Pack R8.2 SP2", }, ], }, ], datePublic: "2018-03-27T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions < V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions < V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions < V8.2 Upd10), SIMATIC BATCH V9.0 (All versions < V9.0 SP1), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions < 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions < WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions < WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20: Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-12T09:06:48", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2018-4832", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "OpenPCS 7 V7.1 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "OpenPCS 7 V8.0", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "OpenPCS 7 V8.1", version: { version_data: [ { version_value: "All versions < V8.1 Upd5", }, ], }, }, { product_name: "OpenPCS 7 V8.2", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "OpenPCS 7 V9.0", version: { version_data: [ { version_value: "All versions < V9.0 Upd1", }, ], }, }, { product_name: "SIMATIC BATCH V7.1 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC BATCH V8.0", version: { version_data: [ { version_value: "All versions < V8.0 SP1 Upd21", }, ], }, }, { product_name: "SIMATIC BATCH V8.1", version: { version_data: [ { version_value: "All versions < V8.1 SP1 Upd16", }, ], }, }, { product_name: "SIMATIC BATCH V8.2", version: { version_data: [ { version_value: "All versions < V8.2 Upd10", }, ], }, }, { product_name: "SIMATIC BATCH V9.0", version: { version_data: [ { version_value: "All versions < V9.0 SP1", }, ], }, }, { product_name: "SIMATIC NET PC Software V14", version: { version_data: [ { version_value: "All versions < V14 SP1 Update 14", }, ], }, }, { product_name: "SIMATIC NET PC Software V15", version: { version_data: [ { version_value: "All versions < 15 SP1", }, ], }, }, { product_name: "SIMATIC PCS 7 V7.1 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS 7 V8.0", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS 7 V8.1", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS 7 V8.2", version: { version_data: [ { version_value: "All versions < V8.2 SP1", }, ], }, }, { product_name: "SIMATIC PCS 7 V9.0", version: { version_data: [ { version_value: "All versions < V9.0 SP1", }, ], }, }, { product_name: "SIMATIC Route Control V7.1 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC Route Control V8.0", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC Route Control V8.1", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC Route Control V8.2", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC Route Control V9.0", version: { version_data: [ { version_value: "All versions < V9.0 Upd1", }, ], }, }, { product_name: "SIMATIC WinCC Runtime Professional V13", version: { version_data: [ { version_value: "All versions < V13 SP2 Upd2", }, ], }, }, { product_name: "SIMATIC WinCC Runtime Professional V14", version: { version_data: [ { version_value: "All versions < V14 SP1 Upd5", }, ], }, }, { product_name: "SIMATIC WinCC V7.2 and earlier", version: { version_data: [ { version_value: "All versions < WinCC 7.2 Upd 15", }, ], }, }, { product_name: "SIMATIC WinCC V7.3", version: { version_data: [ { version_value: "All versions < WinCC 7.3 Upd 16", }, ], }, }, { product_name: "SIMATIC WinCC V7.4", version: { version_data: [ { version_value: "All versions < V7.4 SP1 Upd 4", }, ], }, }, { product_name: "SPPA-T3000 Application Server", version: { version_data: [ { version_value: "All versions < Service Pack R8.2 SP2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions < V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions < V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions < V8.2 Upd10), SIMATIC BATCH V9.0 (All versions < V9.0 SP1), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions < 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions < WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions < WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20: Improper Input Validation", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf", }, { name: "http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2018-4832", datePublished: "2018-04-24T17:00:00", dateReserved: "2018-01-02T00:00:00", dateUpdated: "2024-08-05T05:18:26.633Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-40142
Vulnerability from cvelistv5
Published
2021-08-27 06:51
Modified
2024-08-04 02:27
Severity ?
EPSS score ?
Summary
In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer.
References
| ▼ | URL | Tags |
|---|---|---|
| https://opcfoundation.org/security-bulletins/ | x_refsource_MISC | |
| https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T02:27:31.711Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://opcfoundation.org/security-bulletins/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-10T11:06:13", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://opcfoundation.org/security-bulletins/", }, { tags: [ "x_refsource_MISC", ], url: "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-40142", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://opcfoundation.org/security-bulletins/", refsource: "MISC", url: "https://opcfoundation.org/security-bulletins/", }, { name: "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf", refsource: "MISC", url: "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-40142", datePublished: "2021-08-27T06:51:28", dateReserved: "2021-08-25T00:00:00", dateUpdated: "2024-08-04T02:27:31.711Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-10935
Vulnerability from cvelistv5
Published
2019-07-11 21:17
Modified
2024-08-04 22:40
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd 11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC Professional (TIA Portal V13) (All versions), SIMATIC WinCC Professional (TIA Portal V14) (All versions < V14 SP1 Upd 9), SIMATIC WinCC Professional (TIA Portal V15) (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). The SIMATIC WinCC DataMonitor web application of the affected products allows to upload arbitrary ASPX code. The security vulnerability could be exploited by an authenticated attacker with network access to the WinCC DataMonitor application. No user interaction is required to exploit this vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the affected device. At the stage of publishing this security advisory no public exploitation is known.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-121293.pdf | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens AG | SIMATIC PCS 7 V8.0 and earlier |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:40:15.303Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-121293.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC PCS 7 V8.0 and earlier", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS 7 V8.1", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V8.1 with WinCC V7.3 Upd 19", }, ], }, { product: "SIMATIC PCS 7 V8.2", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd 11", }, ], }, { product: "SIMATIC PCS 7 V9.0", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11", }, ], }, { product: "SIMATIC WinCC Professional (TIA Portal V13)", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC WinCC Professional (TIA Portal V14)", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V14 SP1 Upd 9", }, ], }, { product: "SIMATIC WinCC Professional (TIA Portal V15)", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V15.1 Upd 3", }, ], }, { product: "SIMATIC WinCC Runtime Professional V13", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC WinCC Runtime Professional V14", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V14.1 Upd 8", }, ], }, { product: "SIMATIC WinCC Runtime Professional V15", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V15.1 Upd 3", }, ], }, { product: "SIMATIC WinCC V7.2 and earlier", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC WinCC V7.3", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V7.3 Upd 19", }, ], }, { product: "SIMATIC WinCC V7.4", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V7.4 SP1 Upd 11", }, ], }, { product: "SIMATIC WinCC V7.5", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V7.5 Upd 3", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd 11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC Professional (TIA Portal V13) (All versions), SIMATIC WinCC Professional (TIA Portal V14) (All versions < V14 SP1 Upd 9), SIMATIC WinCC Professional (TIA Portal V15) (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). The SIMATIC WinCC DataMonitor web application of the affected products allows to upload arbitrary ASPX code. The security vulnerability could be exploited by an authenticated attacker with network access to the WinCC DataMonitor application. No user interaction is required to exploit this vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the affected device. At the stage of publishing this security advisory no public exploitation is known.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-434", description: "CWE-434: Unrestricted Upload of File with Dangerous Type", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-10T13:49:24", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-121293.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2019-10935", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC PCS 7 V8.0 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS 7 V8.1", version: { version_data: [ { version_value: "All versions < V8.1 with WinCC V7.3 Upd 19", }, ], }, }, { product_name: "SIMATIC PCS 7 V8.2", version: { version_data: [ { version_value: "All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd 11", }, ], }, }, { product_name: "SIMATIC PCS 7 V9.0", version: { version_data: [ { version_value: "All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11", }, ], }, }, { product_name: "SIMATIC WinCC Professional (TIA Portal V13)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC WinCC Professional (TIA Portal V14)", version: { version_data: [ { version_value: "All versions < V14 SP1 Upd 9", }, ], }, }, { product_name: "SIMATIC WinCC Professional (TIA Portal V15)", version: { version_data: [ { version_value: "All versions < V15.1 Upd 3", }, ], }, }, { product_name: "SIMATIC WinCC Runtime Professional V13", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC WinCC Runtime Professional V14", version: { version_data: [ { version_value: "All versions < V14.1 Upd 8", }, ], }, }, { product_name: "SIMATIC WinCC Runtime Professional V15", version: { version_data: [ { version_value: "All versions < V15.1 Upd 3", }, ], }, }, { product_name: "SIMATIC WinCC V7.2 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC WinCC V7.3", version: { version_data: [ { version_value: "All versions < V7.3 Upd 19", }, ], }, }, { product_name: "SIMATIC WinCC V7.4", version: { version_data: [ { version_value: "All versions < V7.4 SP1 Upd 11", }, ], }, }, { product_name: "SIMATIC WinCC V7.5", version: { version_data: [ { version_value: "All versions < V7.5 Upd 3", }, ], }, }, ], }, vendor_name: "Siemens AG", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd 11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC Professional (TIA Portal V13) (All versions), SIMATIC WinCC Professional (TIA Portal V14) (All versions < V14 SP1 Upd 9), SIMATIC WinCC Professional (TIA Portal V15) (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). The SIMATIC WinCC DataMonitor web application of the affected products allows to upload arbitrary ASPX code. The security vulnerability could be exploited by an authenticated attacker with network access to the WinCC DataMonitor application. No user interaction is required to exploit this vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the affected device. At the stage of publishing this security advisory no public exploitation is known.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-434: Unrestricted Upload of File with Dangerous Type", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-121293.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-121293.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2019-10935", datePublished: "2019-07-11T21:17:47", dateReserved: "2019-04-08T00:00:00", dateUpdated: "2024-08-04T22:40:15.303Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-5744
Vulnerability from cvelistv5
Published
2016-07-22 15:00
Modified
2024-08-06 01:07
Severity ?
EPSS score ?
Summary
Siemens SIMATIC WinCC 7.0 through SP3 and 7.2 allows remote attackers to read arbitrary WinCC station files via crafted packets.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/92116 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1036441 | vdb-entry, x_refsource_SECTRACK | |
| https://ics-cert.us-cert.gov/advisories/ICSA-16-208-01 | x_refsource_MISC | |
| http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:07:59.970Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "92116", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/92116", }, { name: "1036441", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036441", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-208-01", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-07-22T00:00:00", descriptions: [ { lang: "en", value: "Siemens SIMATIC WinCC 7.0 through SP3 and 7.2 allows remote attackers to read arbitrary WinCC station files via crafted packets.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-11-25T20:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "92116", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/92116", }, { name: "1036441", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036441", }, { tags: [ "x_refsource_MISC", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-208-01", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-5744", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Siemens SIMATIC WinCC 7.0 through SP3 and 7.2 allows remote attackers to read arbitrary WinCC station files via crafted packets.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "92116", refsource: "BID", url: "http://www.securityfocus.com/bid/92116", }, { name: "1036441", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036441", }, { name: "https://ics-cert.us-cert.gov/advisories/ICSA-16-208-01", refsource: "MISC", url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-208-01", }, { name: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf", refsource: "CONFIRM", url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-5744", datePublished: "2016-07-22T15:00:00", dateReserved: "2016-06-22T00:00:00", dateUpdated: "2024-08-06T01:07:59.970Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-9160
Vulnerability from cvelistv5
Published
2016-12-17 03:34
Modified
2024-08-06 02:42
Severity ?
EPSS score ?
Summary
A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-693129.pdf | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1037435 | vdb-entry, x_refsource_SECTRACK | |
| https://ics-cert.us-cert.gov/advisories/ICSA-16-348-04 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/94825 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) |
Version: SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T02:42:11.100Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-693129.pdf", }, { name: "1037435", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1037435", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-04", }, { name: "94825", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/94825", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1)", vendor: "n/a", versions: [ { status: "affected", version: "SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1)", }, ], }, ], datePublic: "2016-12-16T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-111", description: "CWE-111: Direct Use of Unsafe JNI", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-26T09:57:01", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-693129.pdf", }, { name: "1037435", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1037435", }, { tags: [ "x_refsource_MISC", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-04", }, { name: "94825", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/94825", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2016-9160", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1)", version: { version_data: [ { version_value: "SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1)", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-111: Direct Use of Unsafe JNI", }, ], }, ], }, references: { reference_data: [ { name: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-693129.pdf", refsource: "CONFIRM", url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-693129.pdf", }, { name: "1037435", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1037435", }, { name: "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-04", refsource: "MISC", url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-04", }, { name: "94825", refsource: "BID", url: "http://www.securityfocus.com/bid/94825", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2016-9160", datePublished: "2016-12-17T03:34:00", dateReserved: "2016-11-03T00:00:00", dateUpdated: "2024-08-06T02:42:11.100Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-19282
Vulnerability from cvelistv5
Published
2020-03-10 19:16
Modified
2024-08-05 02:09
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd3), SIMATIC BATCH V8.1 (All versions), SIMATIC BATCH V8.2 (All versions < V8.2 Upd12), SIMATIC BATCH V9.0 (All versions < V9.0 SP1 Upd5), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Update 1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15.1 (All versions < V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (All versions < V16 Update 1), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 1). Through specially crafted messages, when encrypted communication is enabled, an attacker with network access could use the vulnerability to compromise the availability of the system by causing a Denial-of-Service condition.
Successful exploitation requires no system privileges and no user interaction.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | OpenPCS 7 V8.1 |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T02:09:39.657Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "OpenPCS 7 V8.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "OpenPCS 7 V8.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "OpenPCS 7 V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.0 Upd3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC BATCH V8.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC BATCH V8.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V8.2 Upd12", }, ], }, { defaultStatus: "unknown", product: "SIMATIC BATCH V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.0 SP1 Upd5", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V14", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V14 SP1 Update 14", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V15", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V8.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V8.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.0 SP3", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Route Control V8.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Route Control V8.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Route Control V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.0 Upd4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC (TIA Portal) V13", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V13 SP2", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC (TIA Portal) V14", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V14 SP1 Update 10", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC (TIA Portal) V15.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Update 5", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC (TIA Portal) V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.4", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.4 SP1 Update 14", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.5", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.5 SP1 Update 1", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd3), SIMATIC BATCH V8.1 (All versions), SIMATIC BATCH V8.2 (All versions < V8.2 Upd12), SIMATIC BATCH V9.0 (All versions < V9.0 SP1 Upd5), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Update 1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15.1 (All versions < V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (All versions < V16 Update 1), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 1). Through specially crafted messages, when encrypted communication is enabled, an attacker with network access could use the vulnerability to compromise the availability of the system by causing a Denial-of-Service condition.\nSuccessful exploitation requires no system privileges and no user interaction.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-131", description: "CWE-131: Incorrect Calculation of Buffer Size", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-11T09:01:49.748Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2019-19282", datePublished: "2020-03-10T19:16:17", dateReserved: "2019-11-26T00:00:00", dateUpdated: "2024-08-05T02:09:39.657Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-7165
Vulnerability from cvelistv5
Published
2016-11-15 19:00
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path ("C:\Program Files\*" or the localized equivalent).
References
| ▼ | URL | Tags |
|---|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02 | x_refsource_MISC | |
| http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html | x_refsource_MISC | |
| http://www.securityfocus.com/bid/94158 | vdb-entry, x_refsource_BID | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T01:50:47.526Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html", }, { name: "94158", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/94158", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-11-07T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path (\"C:\\Program Files\\*\" or the localized equivalent).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-14T20:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02", }, { tags: [ "x_refsource_MISC", ], url: "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html", }, { name: "94158", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/94158", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-7165", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path (\"C:\\Program Files\\*\" or the localized equivalent).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02", refsource: "MISC", url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02", }, { name: "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html", refsource: "MISC", url: "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html", }, { name: "94158", refsource: "BID", url: "http://www.securityfocus.com/bid/94158", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-7165", datePublished: "2016-11-15T19:00:00", dateReserved: "2016-09-08T00:00:00", dateUpdated: "2024-08-06T01:50:47.526Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-40364
Vulnerability from cvelistv5
Published
2021-11-09 11:32
Modified
2024-08-04 02:44
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). The affected systems store sensitive information in log files. An attacker with access to the log files could publicly expose the information or reuse it to develop further attacks on the system.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC PCS 7 V8.2 |
Version: All versions |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T02:44:09.470Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC PCS 7 V8.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.0 SP3 UC04", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V9.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.1 SP1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V15 and earlier", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15 SP1 Update 7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 5", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V17", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V17 Update 2", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.4", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.4 SP1 Update 19", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.5", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.5 SP2 Update 5", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). The affected systems store sensitive information in log files. An attacker with access to the log files could publicly expose the information or reuse it to develop further attacks on the system.", }, ], metrics: [ { cvssV3_1: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-532", description: "CWE-532: Insertion of Sensitive Information into Log File", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-11T09:02:00.354Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-40364", datePublished: "2021-11-09T11:32:06", dateReserved: "2021-09-01T00:00:00", dateUpdated: "2024-08-04T02:44:09.470Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-10917
Vulnerability from cvelistv5
Published
2019-05-14 19:54
Modified
2024-08-04 22:40
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An attacker with local access to the project file could cause a Denial-of-Service condition on the affected product while the project file is loaded. Successful exploitation requires access to the project file. An attacker could use the vulnerability to compromise availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf | x_refsource_CONFIRM | |
| https://www.us-cert.gov/ics/advisories/ICSA-19-134-08 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens AG | SIMATIC PCS 7 V8.0 and earlier |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:40:15.224Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC PCS 7 V8.0 and earlier", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS 7 V8.1", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V8.1 with WinCC V7.3 Upd 19", }, ], }, { product: "SIMATIC PCS 7 V8.2", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11", }, ], }, { product: "SIMATIC PCS 7 V9.0", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11", }, ], }, { product: "SIMATIC WinCC (TIA Portal) V13", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC WinCC (TIA Portal) V14", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V14 SP1 Upd 9", }, ], }, { product: "SIMATIC WinCC (TIA Portal) V15", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V15.1 Upd 3", }, ], }, { product: "SIMATIC WinCC Runtime Professional V13", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC WinCC Runtime Professional V14", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V14.1 Upd 8", }, ], }, { product: "SIMATIC WinCC Runtime Professional V15", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V15.1 Upd 3", }, ], }, { product: "SIMATIC WinCC V7.2 and earlier", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC WinCC V7.3", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V7.3 Upd 19", }, ], }, { product: "SIMATIC WinCC V7.4", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V7.4 SP1 Upd 11", }, ], }, { product: "SIMATIC WinCC V7.5", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V7.5 Upd 3", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An attacker with local access to the project file could cause a Denial-of-Service condition on the affected product while the project file is loaded. Successful exploitation requires access to the project file. An attacker could use the vulnerability to compromise availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-248", description: "CWE-248: Uncaught Exception", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-23T19:28:02", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2019-10917", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC PCS 7 V8.0 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS 7 V8.1", version: { version_data: [ { version_value: "All versions < V8.1 with WinCC V7.3 Upd 19", }, ], }, }, { product_name: "SIMATIC PCS 7 V8.2", version: { version_data: [ { version_value: "All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11", }, ], }, }, { product_name: "SIMATIC PCS 7 V9.0", version: { version_data: [ { version_value: "All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11", }, ], }, }, { product_name: "SIMATIC WinCC (TIA Portal) V13", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC WinCC (TIA Portal) V14", version: { version_data: [ { version_value: "All versions < V14 SP1 Upd 9", }, ], }, }, { product_name: "SIMATIC WinCC (TIA Portal) V15", version: { version_data: [ { version_value: "All versions < V15.1 Upd 3", }, ], }, }, { product_name: "SIMATIC WinCC Runtime Professional V13", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC WinCC Runtime Professional V14", version: { version_data: [ { version_value: "All versions < V14.1 Upd 8", }, ], }, }, { product_name: "SIMATIC WinCC Runtime Professional V15", version: { version_data: [ { version_value: "All versions < V15.1 Upd 3", }, ], }, }, { product_name: "SIMATIC WinCC V7.2 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC WinCC V7.3", version: { version_data: [ { version_value: "All versions < V7.3 Upd 19", }, ], }, }, { product_name: "SIMATIC WinCC V7.4", version: { version_data: [ { version_value: "All versions < V7.4 SP1 Upd 11", }, ], }, }, { product_name: "SIMATIC WinCC V7.5", version: { version_data: [ { version_value: "All versions < V7.5 Upd 3", }, ], }, }, ], }, vendor_name: "Siemens AG", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An attacker with local access to the project file could cause a Denial-of-Service condition on the affected product while the project file is loaded. Successful exploitation requires access to the project file. An attacker could use the vulnerability to compromise availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-248: Uncaught Exception", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf", }, { name: "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08", refsource: "MISC", url: "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2019-10917", datePublished: "2019-05-14T19:54:48", dateReserved: "2019-04-08T00:00:00", dateUpdated: "2024-08-04T22:40:15.224Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-10048
Vulnerability from cvelistv5
Published
2021-02-09 15:38
Modified
2024-08-04 10:50
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC WinCC (All versions < V7.5 SP2). Due to an insecure password verification process, an attacker could bypass the password protection set on protected files, thus being granted access to the protected content, circumventing authentication.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-944678.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC PCS 7 |
Version: All versions |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T10:50:57.903Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-944678.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC PCS 7", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC WinCC", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.5 SP2", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC WinCC (All versions < V7.5 SP2). Due to an insecure password verification process, an attacker could bypass the password protection set on protected files, thus being granted access to the protected content, circumventing authentication.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-288", description: "CWE-288: Authentication Bypass Using an Alternate Path or Channel", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-09T15:38:17", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-944678.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2020-10048", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC PCS 7", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC WinCC", version: { version_data: [ { version_value: "All versions < V7.5 SP2", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC WinCC (All versions < V7.5 SP2). Due to an insecure password verification process, an attacker could bypass the password protection set on protected files, thus being granted access to the protected content, circumventing authentication.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-288: Authentication Bypass Using an Alternate Path or Channel", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-944678.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-944678.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-10048", datePublished: "2021-02-09T15:38:17", dateReserved: "2020-03-04T00:00:00", dateUpdated: "2024-08-04T10:50:57.903Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-10922
Vulnerability from cvelistv5
Published
2019-05-14 19:54
Modified
2024-08-04 22:40
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 and newer (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 and newer (All versions). An attacker with network access to affected installations, which are configured without "Encrypted Communication", can execute arbitrary code. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected installation. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf | x_refsource_MISC | |
| http://www.securityfocus.com/bid/108398 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens AG | SIMATIC PCS 7 V8.0 and earlier |
Version: All versions |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:40:15.230Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf", }, { name: "108398", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108398", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC PCS 7 V8.0 and earlier", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS 7 V8.1 and newer", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC WinCC V7.2 and earlier", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC WinCC V7.3 and newer", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 and newer (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 and newer (All versions). An attacker with network access to affected installations, which are configured without \"Encrypted Communication\", can execute arbitrary code. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected installation. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-306", description: "CWE-306: Missing Authentication for Critical Function", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-21T17:06:03", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf", }, { name: "108398", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108398", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2019-10922", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC PCS 7 V8.0 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS 7 V8.1 and newer", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC WinCC V7.2 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC WinCC V7.3 and newer", version: { version_data: [ { version_value: "All versions", }, ], }, }, ], }, vendor_name: "Siemens AG", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 and newer (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 and newer (All versions). An attacker with network access to affected installations, which are configured without \"Encrypted Communication\", can execute arbitrary code. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected installation. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-306: Missing Authentication for Critical Function", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf", }, { name: "108398", refsource: "BID", url: "http://www.securityfocus.com/bid/108398", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2019-10922", datePublished: "2019-05-14T19:54:48", dateReserved: "2019-04-08T00:00:00", dateUpdated: "2024-08-04T22:40:15.230Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-10918
Vulnerability from cvelistv5
Published
2019-05-14 19:54
Modified
2024-08-04 22:40
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges. The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf | x_refsource_CONFIRM | |
| https://www.us-cert.gov/ics/advisories/ICSA-19-134-08 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens AG | SIMATIC PCS 7 V8.0 and earlier |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:40:15.144Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC PCS 7 V8.0 and earlier", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS 7 V8.1", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V8.1 with WinCC V7.3 Upd 19", }, ], }, { product: "SIMATIC PCS 7 V8.2", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11", }, ], }, { product: "SIMATIC PCS 7 V9.0", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11", }, ], }, { product: "SIMATIC WinCC (TIA Portal) V13", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC WinCC (TIA Portal) V14", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V14 SP1 Upd 9", }, ], }, { product: "SIMATIC WinCC (TIA Portal) V15", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V15.1 Upd 3", }, ], }, { product: "SIMATIC WinCC Runtime Professional V13", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC WinCC Runtime Professional V14", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V14.1 Upd 8", }, ], }, { product: "SIMATIC WinCC Runtime Professional V15", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V15.1 Upd 3", }, ], }, { product: "SIMATIC WinCC V7.2 and earlier", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC WinCC V7.3", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V7.3 Upd 19", }, ], }, { product: "SIMATIC WinCC V7.4", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V7.4 SP1 Upd 11", }, ], }, { product: "SIMATIC WinCC V7.5", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V7.5 Upd 3", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges. The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-749", description: "CWE-749: Exposed Dangerous Method or Function", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-23T19:28:42", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2019-10918", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC PCS 7 V8.0 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS 7 V8.1", version: { version_data: [ { version_value: "All versions < V8.1 with WinCC V7.3 Upd 19", }, ], }, }, { product_name: "SIMATIC PCS 7 V8.2", version: { version_data: [ { version_value: "All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11", }, ], }, }, { product_name: "SIMATIC PCS 7 V9.0", version: { version_data: [ { version_value: "All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11", }, ], }, }, { product_name: "SIMATIC WinCC (TIA Portal) V13", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC WinCC (TIA Portal) V14", version: { version_data: [ { version_value: "All versions < V14 SP1 Upd 9", }, ], }, }, { product_name: "SIMATIC WinCC (TIA Portal) V15", version: { version_data: [ { version_value: "All versions < V15.1 Upd 3", }, ], }, }, { product_name: "SIMATIC WinCC Runtime Professional V13", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC WinCC Runtime Professional V14", version: { version_data: [ { version_value: "All versions < V14.1 Upd 8", }, ], }, }, { product_name: "SIMATIC WinCC Runtime Professional V15", version: { version_data: [ { version_value: "All versions < V15.1 Upd 3", }, ], }, }, { product_name: "SIMATIC WinCC V7.2 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC WinCC V7.3", version: { version_data: [ { version_value: "All versions < V7.3 Upd 19", }, ], }, }, { product_name: "SIMATIC WinCC V7.4", version: { version_data: [ { version_value: "All versions < V7.4 SP1 Upd 11", }, ], }, }, { product_name: "SIMATIC WinCC V7.5", version: { version_data: [ { version_value: "All versions < V7.5 Upd 3", }, ], }, }, ], }, vendor_name: "Siemens AG", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges. The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-749: Exposed Dangerous Method or Function", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf", }, { name: "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08", refsource: "MISC", url: "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2019-10918", datePublished: "2019-05-14T19:54:48", dateReserved: "2019-04-08T00:00:00", dateUpdated: "2024-08-04T22:40:15.144Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-48364
Vulnerability from cvelistv5
Published
2024-02-13 08:59
Modified
2024-09-10 09:36
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain malformed RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | OpenPCS 7 V9.1 |
Version: All versions < V9.1 SP2 UC05 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-48364", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-02-13T16:04:15.175349Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-05T17:21:43.053Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T21:30:34.447Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-753746.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "OpenPCS 7 V9.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.1 SP2 UC05", }, ], }, { defaultStatus: "unknown", product: "SIMATIC BATCH V9.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.1 SP2 UC05", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V9.1", vendor: "Siemens", versions: [ { lessThan: "V9.1 SP2 UC05", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Route Control V9.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.1 SP2 UC05", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V18", vendor: "Siemens", versions: [ { lessThan: "V18 Update 4", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V19", vendor: "Siemens", versions: [ { lessThan: "V19 Update 2", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.4", vendor: "Siemens", versions: [ { lessThan: "*", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.5", vendor: "Siemens", versions: [ { lessThan: "V7.5 SP2 Update 15", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V8.0", vendor: "Siemens", versions: [ { lessThan: "V8.0 Update 4", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain malformed RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server.", }, ], metrics: [ { cvssV3_1: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, { cvssV4_0: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", version: "4.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476: NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-09-10T09:36:24.190Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/html/ssa-753746.html", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2023-48364", datePublished: "2024-02-13T08:59:56.648Z", dateReserved: "2023-11-15T17:20:32.751Z", dateUpdated: "2024-09-10T09:36:24.190Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-10929
Vulnerability from cvelistv5
Published
2019-08-13 18:55
Modified
2024-08-04 22:40
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.8.1), SIMATIC S7-1500 Software Controller (All versions < V20.8), SIMATIC S7-PLCSIM Advanced (All versions < V3.0), SIMATIC STEP 7 (TIA Portal) (All versions < V16), SIMATIC WinCC (TIA Portal) (All versions < V16), SIMATIC WinCC OA (All versions < V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions < V16), SIMATIC WinCC Runtime Professional (All versions < V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions < V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf | x_refsource_MISC | |
| https://www.us-cert.gov/ics/advisories/icsa-19-344-04 | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:40:15.230Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.us-cert.gov/ics/advisories/icsa-19-344-04", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC CP 1626", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V20.8", }, ], }, { product: "SIMATIC HMI Panel (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC NET PC Software V14", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V14 SP1 Update 14", }, ], }, { product: "SIMATIC NET PC Software V15", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4.4.0", }, ], }, { product: "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.8.1", }, ], }, { product: "SIMATIC S7-1500 Software Controller", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V20.8", }, ], }, { product: "SIMATIC S7-PLCSIM Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16", }, ], }, { product: "SIMATIC WinCC (TIA Portal)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16", }, ], }, { product: "SIMATIC WinCC OA", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.16 P013", }, ], }, { product: "SIMATIC WinCC Runtime Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16", }, ], }, { product: "SIMATIC WinCC Runtime Professional", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16", }, ], }, { product: "TIM 1531 IRC (incl. SIPLUS NET variants)", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V2.1", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.8.1), SIMATIC S7-1500 Software Controller (All versions < V20.8), SIMATIC S7-PLCSIM Advanced (All versions < V3.0), SIMATIC STEP 7 (TIA Portal) (All versions < V16), SIMATIC WinCC (TIA Portal) (All versions < V16), SIMATIC WinCC OA (All versions < V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions < V16), SIMATIC WinCC Runtime Professional (All versions < V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions < V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-327", description: "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-10T11:16:07", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://www.us-cert.gov/ics/advisories/icsa-19-344-04", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2019-10929", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC CP 1626", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", version: { version_data: [ { version_value: "All versions < V20.8", }, ], }, }, { product_name: "SIMATIC HMI Panel (incl. SIPLUS variants)", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC NET PC Software V14", version: { version_data: [ { version_value: "All versions < V14 SP1 Update 14", }, ], }, }, { product_name: "SIMATIC NET PC Software V15", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)", version: { version_data: [ { version_value: "All versions < V4.4.0", }, ], }, }, { product_name: "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", version: { version_data: [ { version_value: "All versions < V2.8.1", }, ], }, }, { product_name: "SIMATIC S7-1500 Software Controller", version: { version_data: [ { version_value: "All versions < V20.8", }, ], }, }, { product_name: "SIMATIC S7-PLCSIM Advanced", version: { version_data: [ { version_value: "All versions < V3.0", }, ], }, }, { product_name: "SIMATIC STEP 7 (TIA Portal)", version: { version_data: [ { version_value: "All versions < V16", }, ], }, }, { product_name: "SIMATIC WinCC (TIA Portal)", version: { version_data: [ { version_value: "All versions < V16", }, ], }, }, { product_name: "SIMATIC WinCC OA", version: { version_data: [ { version_value: "All versions < V3.16 P013", }, ], }, }, { product_name: "SIMATIC WinCC Runtime Advanced", version: { version_data: [ { version_value: "All versions < V16", }, ], }, }, { product_name: "SIMATIC WinCC Runtime Professional", version: { version_data: [ { version_value: "All versions < V16", }, ], }, }, { product_name: "TIM 1531 IRC (incl. SIPLUS NET variants)", version: { version_data: [ { version_value: "All versions < V2.1", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.8.1), SIMATIC S7-1500 Software Controller (All versions < V20.8), SIMATIC S7-PLCSIM Advanced (All versions < V3.0), SIMATIC STEP 7 (TIA Portal) (All versions < V16), SIMATIC WinCC (TIA Portal) (All versions < V16), SIMATIC WinCC OA (All versions < V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions < V16), SIMATIC WinCC Runtime Professional (All versions < V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions < V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf", }, { name: "https://www.us-cert.gov/ics/advisories/icsa-19-344-04", refsource: "MISC", url: "https://www.us-cert.gov/ics/advisories/icsa-19-344-04", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2019-10929", datePublished: "2019-08-13T18:55:57", dateReserved: "2019-04-08T00:00:00", dateUpdated: "2024-08-04T22:40:15.230Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-7580
Vulnerability from cvelistv5
Published
2020-06-10 00:00
Modified
2024-08-04 09:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC Automation Tool |
Version: All versions < V4 SP2 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:33:19.492Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf", }, { tags: [ "x_transferred", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC Automation Tool", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V4 SP2", }, ], }, { product: "SIMATIC NET PC Software V14", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V14 SP1 Update 14", }, ], }, { product: "SIMATIC NET PC Software V15", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC NET PC Software V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Upd3", }, ], }, { product: "SIMATIC PCS neo", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.0 SP1", }, ], }, { product: "SIMATIC ProSave", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V17", }, ], }, { product: "SIMATIC S7-1500 Software Controller", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V21.8", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V13", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V13 SP2 Update 4", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V14", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V14 SP1 Update 10", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V15", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Update 5", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 2", }, ], }, { product: "SIMATIC STEP 7 V5", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V5.6 SP2 HF3", }, ], }, { product: "SIMATIC WinCC OA V3.16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.16 P018", }, ], }, { product: "SIMATIC WinCC OA V3.17", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V3.17 P003", }, ], }, { product: "SIMATIC WinCC Runtime Advanced", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 2", }, ], }, { product: "SIMATIC WinCC Runtime Professional V13", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V13 SP2 Update 4", }, ], }, { product: "SIMATIC WinCC Runtime Professional V14", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V14 SP1 Update 10", }, ], }, { product: "SIMATIC WinCC Runtime Professional V15", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15.1 Update 5", }, ], }, { product: "SIMATIC WinCC Runtime Professional V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 2", }, ], }, { product: "SIMATIC WinCC V7.4", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.4 SP1 Update 14", }, ], }, { product: "SIMATIC WinCC V7.5", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.5 SP1 Update 3", }, ], }, { product: "SINAMICS STARTER", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V5.4 HF2", }, ], }, { product: "SINAMICS Startdrive", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V16 Update 3", }, ], }, { product: "SINEC NMS", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V1.0 SP2", }, ], }, { product: "SINEMA Server", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V14 SP3", }, ], }, { product: "SINUMERIK ONE virtual", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V6.14", }, ], }, { product: "SINUMERIK Operate", vendor: "Siemens", versions: [ { status: "affected", version: "All Versions < V6.14", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-428", description: "CWE-428: Unquoted Search Path or Element", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-13T00:00:00", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf", }, { url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2020-7580", datePublished: "2020-06-10T00:00:00", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-08-04T09:33:19.492Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-40359
Vulnerability from cvelistv5
Published
2021-11-09 11:32
Modified
2024-08-04 02:44
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd4), OpenPCS 7 V9.1 (All versions), SIMATIC BATCH V8.2 (All versions), SIMATIC BATCH V9.0 (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Update 6), SIMATIC NET PC Software V17 (All versions < V17 SP1), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions), SIMATIC Route Control V9.1 (All versions), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). When downloading files, the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read unexpected critical files.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | OpenPCS 7 V8.2 |
Version: All versions |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T02:44:09.625Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "OpenPCS 7 V8.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "OpenPCS 7 V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.0 Upd4", }, ], }, { defaultStatus: "unknown", product: "OpenPCS 7 V9.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC BATCH V8.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC BATCH V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC BATCH V9.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V14", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V15", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 6", }, ], }, { defaultStatus: "unknown", product: "SIMATIC NET PC Software V17", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V17 SP1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V8.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.0 SP3 UC04", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V9.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.1 SP1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Route Control V8.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Route Control V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC Route Control V9.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V15 and earlier", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15 SP1 Update 7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 5", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V17", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V17 Update 2", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.4", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.4 SP1 Update 19", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.5", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.5 SP2 Update 5", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd4), OpenPCS 7 V9.1 (All versions), SIMATIC BATCH V8.2 (All versions), SIMATIC BATCH V9.0 (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Update 6), SIMATIC NET PC Software V17 (All versions < V17 SP1), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions), SIMATIC Route Control V9.1 (All versions), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). When downloading files, the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read unexpected critical files.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-11T09:01:59.282Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-40359", datePublished: "2021-11-09T11:32:05", dateReserved: "2021-09-01T00:00:00", dateUpdated: "2024-08-04T02:44:09.625Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-24287
Vulnerability from cvelistv5
Published
2022-05-10 09:46
Modified
2025-04-21 13:53
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC06), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1 UC01), SIMATIC WinCC Runtime Professional V16 and earlier (All versions), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Upd4), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 21), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 8). A missing printer configuration on the host could allow an authenticated attacker to escape the WinCC Kiosk Mode.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC PCS 7 V8.2 |
Version: All versions |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:07:02.492Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-363107.pdf", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-24287", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-04-18T15:23:35.293523Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-04-21T13:53:48.015Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC PCS 7 V8.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.0 SP3 UC06", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V9.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.1 SP1 UC01", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V16 and earlier", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC Runtime Professional V17", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V17 Upd4", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.3", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.4", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.4 SP1 Update 21", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.5", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.5 SP2 Update 8", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC06), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1 UC01), SIMATIC WinCC Runtime Professional V16 and earlier (All versions), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Upd4), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 21), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 8). A missing printer configuration on the host could allow an authenticated attacker to escape the WinCC Kiosk Mode.", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-1188", description: "CWE-1188: Insecure Default Initialization of Resource", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-11-14T11:03:11.010Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-363107.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2022-24287", datePublished: "2022-05-10T09:46:57.000Z", dateReserved: "2022-02-01T00:00:00.000Z", dateUpdated: "2025-04-21T13:53:48.015Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-14023
Vulnerability from cvelistv5
Published
2017-11-06 22:00
Modified
2024-08-05 19:13
Severity ?
EPSS score ?
Summary
An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all versions. The improper input validation vulnerability has been identified, which may allow an authenticated remote attacker who is a member of the administrators group to crash services by sending specially crafted messages to the DCOM interface.
References
| ▼ | URL | Tags |
|---|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-17-306-01 | x_refsource_MISC | |
| http://www.securitytracker.com/id/1039729 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/101680 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Siemens SIMATIC PCS 7 |
Version: Siemens SIMATIC PCS 7 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:13:41.630Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-17-306-01", }, { name: "1039729", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1039729", }, { name: "101680", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/101680", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Siemens SIMATIC PCS 7", vendor: "n/a", versions: [ { status: "affected", version: "Siemens SIMATIC PCS 7", }, ], }, ], datePublic: "2017-11-06T00:00:00", descriptions: [ { lang: "en", value: "An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all versions. The improper input validation vulnerability has been identified, which may allow an authenticated remote attacker who is a member of the administrators group to crash services by sending specially crafted messages to the DCOM interface.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2017-11-08T10:57:01", orgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", shortName: "icscert", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-17-306-01", }, { name: "1039729", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1039729", }, { name: "101680", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/101680", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "ics-cert@hq.dhs.gov", ID: "CVE-2017-14023", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Siemens SIMATIC PCS 7", version: { version_data: [ { version_value: "Siemens SIMATIC PCS 7", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all versions. The improper input validation vulnerability has been identified, which may allow an authenticated remote attacker who is a member of the administrators group to crash services by sending specially crafted messages to the DCOM interface.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "https://ics-cert.us-cert.gov/advisories/ICSA-17-306-01", refsource: "MISC", url: "https://ics-cert.us-cert.gov/advisories/ICSA-17-306-01", }, { name: "1039729", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1039729", }, { name: "101680", refsource: "BID", url: "http://www.securityfocus.com/bid/101680", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", assignerShortName: "icscert", cveId: "CVE-2017-14023", datePublished: "2017-11-06T22:00:00", dateReserved: "2017-08-30T00:00:00", dateUpdated: "2024-08-05T19:13:41.630Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-8551
Vulnerability from cvelistv5
Published
2014-11-26 11:00
Modified
2024-08-06 13:18
Severity ?
EPSS score ?
Summary
The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to execute arbitrary code via crafted packets.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T13:18:48.431Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-11-21T00:00:00", descriptions: [ { lang: "en", value: "The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to execute arbitrary code via crafted packets.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2014-11-26T06:57:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-8551", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to execute arbitrary code via crafted packets.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf", refsource: "CONFIRM", url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-8551", datePublished: "2014-11-26T11:00:00", dateReserved: "2014-10-30T00:00:00", dateUpdated: "2024-08-06T13:18:48.431Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-10916
Vulnerability from cvelistv5
Published
2019-05-14 19:54
Modified
2024-08-04 22:40
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An attacker with access to the project file could run arbitrary system commands with the privileges of the local database server. The vulnerability could be exploited by an attacker with access to the project file. The vulnerability does impact the confidentiality, integrity, and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf | x_refsource_CONFIRM | |
| https://www.us-cert.gov/ics/advisories/ICSA-19-134-08 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens AG | SIMATIC PCS 7 V8.0 and earlier |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:40:15.179Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC PCS 7 V8.0 and earlier", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS 7 V8.1", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V8.1 with WinCC V7.3 Upd 19", }, ], }, { product: "SIMATIC PCS 7 V8.2", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11", }, ], }, { product: "SIMATIC PCS 7 V9.0", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11", }, ], }, { product: "SIMATIC WinCC (TIA Portal) V13", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC WinCC (TIA Portal) V14", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V14 SP1 Upd 9", }, ], }, { product: "SIMATIC WinCC (TIA Portal) V15", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V15.1 Upd 3", }, ], }, { product: "SIMATIC WinCC Runtime Professional V13", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC WinCC Runtime Professional V14", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V14.1 Upd 8", }, ], }, { product: "SIMATIC WinCC Runtime Professional V15", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V15.1 Upd 3", }, ], }, { product: "SIMATIC WinCC V7.2 and earlier", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC WinCC V7.3", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V7.3 Upd 19", }, ], }, { product: "SIMATIC WinCC V7.4", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V7.4 SP1 Upd 11", }, ], }, { product: "SIMATIC WinCC V7.5", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V7.5 Upd 3", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An attacker with access to the project file could run arbitrary system commands with the privileges of the local database server. The vulnerability could be exploited by an attacker with access to the project file. The vulnerability does impact the confidentiality, integrity, and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-89", description: "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-23T19:27:04", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2019-10916", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC PCS 7 V8.0 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS 7 V8.1", version: { version_data: [ { version_value: "All versions < V8.1 with WinCC V7.3 Upd 19", }, ], }, }, { product_name: "SIMATIC PCS 7 V8.2", version: { version_data: [ { version_value: "All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11", }, ], }, }, { product_name: "SIMATIC PCS 7 V9.0", version: { version_data: [ { version_value: "All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11", }, ], }, }, { product_name: "SIMATIC WinCC (TIA Portal) V13", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC WinCC (TIA Portal) V14", version: { version_data: [ { version_value: "All versions < V14 SP1 Upd 9", }, ], }, }, { product_name: "SIMATIC WinCC (TIA Portal) V15", version: { version_data: [ { version_value: "All versions < V15.1 Upd 3", }, ], }, }, { product_name: "SIMATIC WinCC Runtime Professional V13", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC WinCC Runtime Professional V14", version: { version_data: [ { version_value: "All versions < V14.1 Upd 8", }, ], }, }, { product_name: "SIMATIC WinCC Runtime Professional V15", version: { version_data: [ { version_value: "All versions < V15.1 Upd 3", }, ], }, }, { product_name: "SIMATIC WinCC V7.2 and earlier", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC WinCC V7.3", version: { version_data: [ { version_value: "All versions < V7.3 Upd 19", }, ], }, }, { product_name: "SIMATIC WinCC V7.4", version: { version_data: [ { version_value: "All versions < V7.4 SP1 Upd 11", }, ], }, }, { product_name: "SIMATIC WinCC V7.5", version: { version_data: [ { version_value: "All versions < V7.5 Upd 3", }, ], }, }, ], }, vendor_name: "Siemens AG", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An attacker with access to the project file could run arbitrary system commands with the privileges of the local database server. The vulnerability could be exploited by an attacker with access to the project file. The vulnerability does impact the confidentiality, integrity, and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf", }, { name: "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08", refsource: "MISC", url: "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2019-10916", datePublished: "2019-05-14T19:54:48", dateReserved: "2019-04-08T00:00:00", dateUpdated: "2024-08-04T22:40:15.179Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-6865
Vulnerability from cvelistv5
Published
2017-05-11 10:00
Modified
2024-08-05 15:41
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC Automation Tool (All versions < V3.0), SIMATIC NET PC-Software (All versions < V14 SP1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1), SIMATIC STEP 7 V5.X (All versions < V5.6), SIMATIC WinAC RTX 2010 SP2 (All versions), SIMATIC WinAC RTX F 2010 SP2 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1), SIMATIC WinCC V7.2 and prior (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Update 15), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd1), SIMATIC WinCC flexible 2008 (All versions < flexible 2008 SP5), SINAUT ST7CC (All versions installed in conjunction with SIMATIC WinCC < V7.3 Update 15), SINEMA Server (All versions < V14), SINUMERIK 808D Programming Tool (All versions < V4.7 SP4 HF2), SMART PC Access (All versions < V2.3), STEP 7 - Micro/WIN SMART (All versions < V2.3), Security Configuration Tool (SCT) (All versions < V5.0). Specially crafted PROFINET DCP broadcast packets sent to the affected products on a local Ethernet segment (Layer 2) could cause a Denial-of-Service condition of some services. The services require manual restart to recover.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-275839.pdf | x_refsource_CONFIRM | |
| https://www.securityfocus.com/bid/98366 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens AG | Primary Setup Tool (PST) |
Version: All versions < V4.2 HF1 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:41:17.697Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-275839.pdf", }, { name: "98366", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "https://www.securityfocus.com/bid/98366", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Primary Setup Tool (PST)", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V4.2 HF1", }, ], }, { product: "SIMATIC Automation Tool", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V3.0", }, ], }, { product: "SIMATIC NET PC-Software", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V14 SP1", }, ], }, { product: "SIMATIC PCS 7 V8.1", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS 7 V8.2", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V8.2 SP1", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V13", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V13 SP2", }, ], }, { product: "SIMATIC STEP 7 (TIA Portal) V14", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V14 SP1", }, ], }, { product: "SIMATIC STEP 7 V5.X", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V5.6", }, ], }, { product: "SIMATIC WinAC RTX 2010 SP2", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC WinAC RTX F 2010 SP2", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC WinCC (TIA Portal) V13", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V13 SP2", }, ], }, { product: "SIMATIC WinCC (TIA Portal) V14", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V14 SP1", }, ], }, { product: "SIMATIC WinCC V7.2 and prior", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC WinCC V7.3", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V7.3 Update 15", }, ], }, { product: "SIMATIC WinCC V7.4", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V7.4 SP1 Upd1", }, ], }, { product: "SIMATIC WinCC flexible 2008", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < flexible 2008 SP5", }, ], }, { product: "SINAUT ST7CC", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions installed in conjunction with SIMATIC WinCC < V7.3 Update 15", }, ], }, { product: "SINEMA Server", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V14", }, ], }, { product: "SINUMERIK 808D Programming Tool", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V4.7 SP4 HF2", }, ], }, { product: "SMART PC Access", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V2.3", }, ], }, { product: "STEP 7 - Micro/WIN SMART", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V2.3", }, ], }, { product: "Security Configuration Tool (SCT)", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V5.0", }, ], }, { product: "Security Configuration Tool (SCT)", vendor: "Siemens AG", versions: [ { status: "affected", version: "All versions < V5.0", }, ], }, ], datePublic: "2017-05-10T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC Automation Tool (All versions < V3.0), SIMATIC NET PC-Software (All versions < V14 SP1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1), SIMATIC STEP 7 V5.X (All versions < V5.6), SIMATIC WinAC RTX 2010 SP2 (All versions), SIMATIC WinAC RTX F 2010 SP2 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1), SIMATIC WinCC V7.2 and prior (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Update 15), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd1), SIMATIC WinCC flexible 2008 (All versions < flexible 2008 SP5), SINAUT ST7CC (All versions installed in conjunction with SIMATIC WinCC < V7.3 Update 15), SINEMA Server (All versions < V14), SINUMERIK 808D Programming Tool (All versions < V4.7 SP4 HF2), SMART PC Access (All versions < V2.3), STEP 7 - Micro/WIN SMART (All versions < V2.3), Security Configuration Tool (SCT) (All versions < V5.0). Specially crafted PROFINET DCP broadcast packets sent to the affected products on a local Ethernet segment (Layer 2) could cause a Denial-of-Service condition of some services. The services require manual restart to recover.", }, ], problemTypes: [ { descriptions: [ { description: "Other", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-03-21T15:44:20", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-275839.pdf", }, { name: "98366", tags: [ "vdb-entry", "x_refsource_BID", ], url: "https://www.securityfocus.com/bid/98366", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2017-6865", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Primary Setup Tool (PST)", version: { version_data: [ { version_value: "All versions < V4.2 HF1", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "SIMATIC Automation Tool", version: { version_data: [ { version_value: "All versions < V3.0", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "SIMATIC NET PC-Software", version: { version_data: [ { version_value: "All versions < V14 SP1", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "SIMATIC PCS 7 V8.1", version: { version_data: [ { version_value: "All versions", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "SIMATIC PCS 7 V8.2", version: { version_data: [ { version_value: "All versions < V8.2 SP1", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "SIMATIC STEP 7 (TIA Portal) V13", version: { version_data: [ { version_value: "All versions < V13 SP2", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "SIMATIC STEP 7 (TIA Portal) V14", version: { version_data: [ { version_value: "All versions < V14 SP1", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "SIMATIC STEP 7 V5.X", version: { version_data: [ { version_value: "All versions < V5.6", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "SIMATIC WinAC RTX 2010 SP2", version: { version_data: [ { version_value: "All versions", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "SIMATIC WinAC RTX F 2010 SP2", version: { version_data: [ { version_value: "All versions", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "SIMATIC WinCC (TIA Portal) V13", version: { version_data: [ { version_value: "All versions < V13 SP2", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "SIMATIC WinCC (TIA Portal) V14", version: { version_data: [ { version_value: "All versions < V14 SP1", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "SIMATIC WinCC V7.2 and prior", version: { version_data: [ { version_value: "All versions", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "SIMATIC WinCC V7.3", version: { version_data: [ { version_value: "All versions < V7.3 Update 15", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "SIMATIC WinCC V7.4", version: { version_data: [ { version_value: "All versions < V7.4 SP1 Upd1", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "SIMATIC WinCC flexible 2008", version: { version_data: [ { version_value: "All versions < flexible 2008 SP5", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "SINAUT ST7CC", version: { version_data: [ { version_value: "All versions installed in conjunction with SIMATIC WinCC < V7.3 Update 15", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "SINEMA Server", version: { version_data: [ { version_value: "All versions < V14", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "SINUMERIK 808D Programming Tool", version: { version_data: [ { version_value: "All versions < V4.7 SP4 HF2", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "SMART PC Access", version: { version_data: [ { version_value: "All versions < V2.3", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "STEP 7 - Micro/WIN SMART", version: { version_data: [ { version_value: "All versions < V2.3", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "Security Configuration Tool (SCT)", version: { version_data: [ { version_value: "All versions < V5.0", }, ], }, }, ], }, vendor_name: "Siemens AG", }, { product: { product_data: [ { product_name: "Security Configuration Tool (SCT)", version: { version_data: [ { version_value: "All versions < V5.0", }, ], }, }, ], }, vendor_name: "Siemens AG", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC Automation Tool (All versions < V3.0), SIMATIC NET PC-Software (All versions < V14 SP1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1), SIMATIC STEP 7 V5.X (All versions < V5.6), SIMATIC WinAC RTX 2010 SP2 (All versions), SIMATIC WinAC RTX F 2010 SP2 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1), SIMATIC WinCC V7.2 and prior (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Update 15), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd1), SIMATIC WinCC flexible 2008 (All versions < flexible 2008 SP5), SINAUT ST7CC (All versions installed in conjunction with SIMATIC WinCC < V7.3 Update 15), SINEMA Server (All versions < V14), SINUMERIK 808D Programming Tool (All versions < V4.7 SP4 HF2), SMART PC Access (All versions < V2.3), STEP 7 - Micro/WIN SMART (All versions < V2.3), Security Configuration Tool (SCT) (All versions < V5.0). Specially crafted PROFINET DCP broadcast packets sent to the affected products on a local Ethernet segment (Layer 2) could cause a Denial-of-Service condition of some services. The services require manual restart to recover.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Other", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-275839.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-275839.pdf", }, { name: "98366", refsource: "BID", url: "https://www.securityfocus.com/bid/98366", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2017-6865", datePublished: "2017-05-11T10:00:00", dateReserved: "2017-03-13T00:00:00", dateUpdated: "2024-08-05T15:41:17.697Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-40358
Vulnerability from cvelistv5
Published
2021-11-09 11:32
Modified
2024-08-04 02:44
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). Legitimate file operations on the web server of the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read, write or delete unexpected critical files.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC PCS 7 V8.2 |
Version: All versions |
||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T02:44:09.554Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unknown", product: "SIMATIC PCS 7 V8.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.0 SP3 UC04", }, ], }, { defaultStatus: "unknown", product: "SIMATIC PCS 7 V9.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.1 SP1", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V15 and earlier", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15 SP1 Update 7", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 5", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V17", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V17 Update 2", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.4", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.4 SP1 Update 19", }, ], }, { defaultStatus: "unknown", product: "SIMATIC WinCC V7.5", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.5 SP2 Update 5", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). Legitimate file operations on the web server of the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read, write or delete unexpected critical files.", }, ], metrics: [ { cvssV3_1: { baseScore: 9.9, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-11T09:01:58.251Z", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf", }, ], }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-40358", datePublished: "2021-11-09T11:32:04", dateReserved: "2021-09-01T00:00:00", dateUpdated: "2024-08-04T02:44:09.554Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-2772
Vulnerability from cvelistv5
Published
2010-07-22 10:00
Modified
2024-08-07 02:46
Severity ?
EPSS score ?
Summary
Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/60587 | vdb-entry, x_refsource_XF | |
| http://infoworld.com/d/security-central/siemens-warns-users-dont-change-passwords-after-worm-attack-915?sourcefssr | x_refsource_MISC | |
| http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&caller=viewhttp://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&c | x_refsource_CONFIRM | |
| http://ics-cert.us-cert.gov/advisories/ICSA-12-205-01 | x_refsource_MISC | |
| http://www.f-secure.com/weblog/archives/00001987.html | x_refsource_MISC | |
| http://www.automation.siemens.com/forum/guests/PostShow.aspx?PostID=16127&16127&Language=en&PageIndex=1 | x_refsource_MISC | |
| http://www.vupen.com/english/advisories/2010/1893 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/40682 | third-party-advisory, x_refsource_SECUNIA | |
| http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/ | x_refsource_MISC | |
| http://www.sea.siemens.com/us/News/Industrial/Pages/WinCC_Update.aspx | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/41753 | vdb-entry, x_refsource_BID | |
| http://infoworld.com/d/security-central/new-weaponized-virus-targets-industrial-secrets-725 | x_refsource_MISC | |
| http://www.wilderssecurity.com/showpost.php?p=1712134&postcount=22 | x_refsource_MISC | |
| http://www.wired.com/threatlevel/2010/07/siemens-scada/ | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T02:46:48.161Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "simatic-wincc-default-password(60587)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/60587", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://infoworld.com/d/security-central/siemens-warns-users-dont-change-passwords-after-worm-attack-915?sourcefssr", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&caller=viewhttp://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&c", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://ics-cert.us-cert.gov/advisories/ICSA-12-205-01", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.f-secure.com/weblog/archives/00001987.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.automation.siemens.com/forum/guests/PostShow.aspx?PostID=16127&16127&Language=en&PageIndex=1", }, { name: "ADV-2010-1893", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2010/1893", }, { name: "40682", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/40682", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.sea.siemens.com/us/News/Industrial/Pages/WinCC_Update.aspx", }, { name: "41753", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/41753", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://infoworld.com/d/security-central/new-weaponized-virus-targets-industrial-secrets-725", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.wilderssecurity.com/showpost.php?p=1712134&postcount=22", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.wired.com/threatlevel/2010/07/siemens-scada/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-07-16T00:00:00", descriptions: [ { lang: "en", value: "Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-16T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "simatic-wincc-default-password(60587)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/60587", }, { tags: [ "x_refsource_MISC", ], url: "http://infoworld.com/d/security-central/siemens-warns-users-dont-change-passwords-after-worm-attack-915?sourcefssr", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&caller=viewhttp://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&c", }, { tags: [ "x_refsource_MISC", ], url: "http://ics-cert.us-cert.gov/advisories/ICSA-12-205-01", }, { tags: [ "x_refsource_MISC", ], url: "http://www.f-secure.com/weblog/archives/00001987.html", }, { tags: [ "x_refsource_MISC", ], url: "http://www.automation.siemens.com/forum/guests/PostShow.aspx?PostID=16127&16127&Language=en&PageIndex=1", }, { name: "ADV-2010-1893", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2010/1893", }, { name: "40682", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/40682", }, { tags: [ "x_refsource_MISC", ], url: "http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.sea.siemens.com/us/News/Industrial/Pages/WinCC_Update.aspx", }, { name: "41753", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/41753", }, { tags: [ "x_refsource_MISC", ], url: "http://infoworld.com/d/security-central/new-weaponized-virus-targets-industrial-secrets-725", }, { tags: [ "x_refsource_MISC", ], url: "http://www.wilderssecurity.com/showpost.php?p=1712134&postcount=22", }, { tags: [ "x_refsource_MISC", ], url: "http://www.wired.com/threatlevel/2010/07/siemens-scada/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2010-2772", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "simatic-wincc-default-password(60587)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/60587", }, { name: "http://infoworld.com/d/security-central/siemens-warns-users-dont-change-passwords-after-worm-attack-915?sourcefssr", refsource: "MISC", url: "http://infoworld.com/d/security-central/siemens-warns-users-dont-change-passwords-after-worm-attack-915?sourcefssr", }, { name: "http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&caller=viewhttp://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&c", refsource: "CONFIRM", url: "http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&caller=viewhttp://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&c", }, { name: "http://ics-cert.us-cert.gov/advisories/ICSA-12-205-01", refsource: "MISC", url: "http://ics-cert.us-cert.gov/advisories/ICSA-12-205-01", }, { name: "http://www.f-secure.com/weblog/archives/00001987.html", refsource: "MISC", url: "http://www.f-secure.com/weblog/archives/00001987.html", }, { name: "http://www.automation.siemens.com/forum/guests/PostShow.aspx?PostID=16127&16127&Language=en&PageIndex=1", refsource: "MISC", url: "http://www.automation.siemens.com/forum/guests/PostShow.aspx?PostID=16127&16127&Language=en&PageIndex=1", }, { name: "ADV-2010-1893", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2010/1893", }, { name: "40682", refsource: "SECUNIA", url: "http://secunia.com/advisories/40682", }, { name: "http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/", refsource: "MISC", url: "http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/", }, { name: "http://www.sea.siemens.com/us/News/Industrial/Pages/WinCC_Update.aspx", refsource: "CONFIRM", url: "http://www.sea.siemens.com/us/News/Industrial/Pages/WinCC_Update.aspx", }, { name: "41753", refsource: "BID", url: "http://www.securityfocus.com/bid/41753", }, { name: "http://infoworld.com/d/security-central/new-weaponized-virus-targets-industrial-secrets-725", refsource: "MISC", url: "http://infoworld.com/d/security-central/new-weaponized-virus-targets-industrial-secrets-725", }, { name: "http://www.wilderssecurity.com/showpost.php?p=1712134&postcount=22", refsource: "MISC", url: "http://www.wilderssecurity.com/showpost.php?p=1712134&postcount=22", }, { name: "http://www.wired.com/threatlevel/2010/07/siemens-scada/", refsource: "MISC", url: "http://www.wired.com/threatlevel/2010/07/siemens-scada/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2010-2772", datePublished: "2010-07-22T10:00:00", dateReserved: "2010-07-21T00:00:00", dateUpdated: "2024-08-07T02:46:48.161Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-6867
Vulnerability from cvelistv5
Published
2017-05-11 10:00
Modified
2024-08-05 15:41
Severity ?
EPSS score ?
Summary
A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is member of the "administrators" group to crash services by sending specially crafted messages to the DCOM interface.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/98368 | vdb-entry, x_refsource_BID | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-523365.pdf | x_refsource_CONFIRM | |
| https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Siemens SIMATIC WinCC |
Version: Siemens SIMATIC WinCC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T15:41:17.675Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "98368", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/98368", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-523365.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Siemens SIMATIC WinCC", vendor: "n/a", versions: [ { status: "affected", version: "Siemens SIMATIC WinCC", }, ], }, ], datePublic: "2017-05-10T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is member of the \"administrators\" group to crash services by sending specially crafted messages to the DCOM interface.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-13T09:57:01", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { name: "98368", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/98368", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-523365.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2017-6867", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Siemens SIMATIC WinCC", version: { version_data: [ { version_value: "Siemens SIMATIC WinCC", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is member of the \"administrators\" group to crash services by sending specially crafted messages to the DCOM interface.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "98368", refsource: "BID", url: "http://www.securityfocus.com/bid/98368", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-523365.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-523365.pdf", }, { name: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf", refsource: "CONFIRM", url: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2017-6867", datePublished: "2017-05-11T10:00:00", dateReserved: "2017-03-13T00:00:00", dateUpdated: "2024-08-05T15:41:17.675Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-40363
Vulnerability from cvelistv5
Published
2022-02-09 15:17
Modified
2024-08-04 02:44
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V17 (All versions <= V17 Update 4), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). The affected component stores the credentials of a local system account in a potentially publicly accessible project file using an outdated cipher algorithm. An attacker may use this to brute force the credentials and take over the system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC PCS 7 V8.2 |
Version: All versions |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T02:44:09.640Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SIMATIC PCS 7 V8.2", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS 7 V9.0", vendor: "Siemens", versions: [ { status: "affected", version: "All versions", }, ], }, { product: "SIMATIC PCS 7 V9.1", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V9.1 SP1", }, ], }, { product: "SIMATIC WinCC V15 and earlier", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V15 SP1 Update 7", }, ], }, { product: "SIMATIC WinCC V16", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V16 Update 5", }, ], }, { product: "SIMATIC WinCC V17", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V17 Update 2", }, ], }, { product: "SIMATIC WinCC V17", vendor: "Siemens", versions: [ { status: "affected", version: "All versions <= V17 Update 4", }, ], }, { product: "SIMATIC WinCC V7.4", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.4 SP1 Update 19", }, ], }, { product: "SIMATIC WinCC V7.5", vendor: "Siemens", versions: [ { status: "affected", version: "All versions < V7.5 SP2 Update 6", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V17 (All versions <= V17 Update 4), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). The affected component stores the credentials of a local system account in a potentially publicly accessible project file using an outdated cipher algorithm. An attacker may use this to brute force the credentials and take over the system.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-538", description: "CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-10T11:17:13", orgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", shortName: "siemens", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "productcert@siemens.com", ID: "CVE-2021-40363", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SIMATIC PCS 7 V8.2", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS 7 V9.0", version: { version_data: [ { version_value: "All versions", }, ], }, }, { product_name: "SIMATIC PCS 7 V9.1", version: { version_data: [ { version_value: "All versions < V9.1 SP1", }, ], }, }, { product_name: "SIMATIC WinCC V15 and earlier", version: { version_data: [ { version_value: "All versions < V15 SP1 Update 7", }, ], }, }, { product_name: "SIMATIC WinCC V16", version: { version_data: [ { version_value: "All versions < V16 Update 5", }, ], }, }, { product_name: "SIMATIC WinCC V17", version: { version_data: [ { version_value: "All versions < V17 Update 2", }, ], }, }, { product_name: "SIMATIC WinCC V17", version: { version_data: [ { version_value: "All versions <= V17 Update 4", }, ], }, }, { product_name: "SIMATIC WinCC V7.4", version: { version_data: [ { version_value: "All versions < V7.4 SP1 Update 19", }, ], }, }, { product_name: "SIMATIC WinCC V7.5", version: { version_data: [ { version_value: "All versions < V7.5 SP2 Update 6", }, ], }, }, ], }, vendor_name: "Siemens", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V17 (All versions <= V17 Update 4), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). The affected component stores the credentials of a local system account in a potentially publicly accessible project file using an outdated cipher algorithm. An attacker may use this to brute force the credentials and take over the system.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory", }, ], }, ], }, references: { reference_data: [ { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf", refsource: "MISC", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", assignerShortName: "siemens", cveId: "CVE-2021-40363", datePublished: "2022-02-09T15:17:04", dateReserved: "2021-09-01T00:00:00", dateUpdated: "2024-08-04T02:44:09.640Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2014-11-26 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to read arbitrary files via crafted packets.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs_7 | 7.1 | |
| siemens | simatic_pcs7 | 7.1 | |
| siemens | simatic_pcs7 | 7.1 | |
| siemens | simatic_pcs7 | 8.0 | |
| siemens | simatic_pcs7 | 8.0 | |
| siemens | simatic_pcs7 | 8.1 | |
| siemens | simatic_tiaportal | 13.0 | |
| siemens | simatic_tiaportal | 13.0 | |
| siemens | simatic_tiaportal | 13.0 | |
| siemens | simatic_wincc | 7.0 | |
| siemens | simatic_wincc | 7.0 | |
| siemens | simatic_wincc | 7.0 | |
| siemens | simatic_wincc | 7.0 | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:7.1:sp1:*:*:*:*:*:*", matchCriteriaId: "BE258BF2-AD82-401C-B020-08A22A549A25", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs7:7.1:sp3:*:*:*:*:*:*", matchCriteriaId: "33FA164B-E269-4140-AC85-2623356AF636", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs7:7.1:sp4:*:*:*:*:*:*", matchCriteriaId: "D62C7959-87D9-42EC-A224-2EE6EF23C1CF", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs7:8.0:sp1:*:*:*:*:*:*", matchCriteriaId: "428F68D2-8C1D-4ADE-A6FB-65EC4C426F99", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs7:8.0:sp2:*:*:*:*:*:*", matchCriteriaId: "14193511-1B9B-4319-92AE-BB26F398550C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs7:8.1:*:*:*:*:*:*:*", matchCriteriaId: "172A6A81-C32E-4ACC-AB8C-2014BF3A6901", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_tiaportal:13.0:*:*:*:*:*:*:*", matchCriteriaId: "19C3A00B-A47E-4723-B652-B64FDC5F2601", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_tiaportal:13.0:3:*:*:*:*:*:*", matchCriteriaId: "144DE778-4439-489F-830D-B4742BB11FEB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_tiaportal:13.0:5:*:*:*:*:*:*", matchCriteriaId: "39B75B5E-7979-4E3B-BE94-AE04F17A6F3C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3CF84FC5-9450-47B7-A4F0-99361C528C00", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.0:sp1:*:*:*:*:*:*", matchCriteriaId: "E8274939-833E-40E1-8D2E-1B28CEA91036", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.0:sp2:*:*:*:*:*:*", matchCriteriaId: "61F46206-F232-4F62-AF4F-E2DCF462AE60", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.0:sp3:*:*:*:*:*:*", matchCriteriaId: "0D0BB2E6-1444-499A-943E-8D19C402F1BD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.2:1:*:*:*:*:*:*", matchCriteriaId: "2D6E154F-F8A0-4E9D-BC37-E95B1820D2BF", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.2:2:*:*:*:*:*:*", matchCriteriaId: "D6745F96-FA72-457B-AD14-07C4B353310F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.2:3:*:*:*:*:*:*", matchCriteriaId: "E555D458-59C4-4CBC-95F4-CBA503BCCB24", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.2:4:*:*:*:*:*:*", matchCriteriaId: "3BEE67FC-D188-4B0C-A837-FC91B406982E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.2:5:*:*:*:*:*:*", matchCriteriaId: "75121F46-303D-4416-8FBD-1938BDD60AAB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.2:6:*:*:*:*:*:*", matchCriteriaId: "FF8B251F-399E-4165-B3A6-801775212C5D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.2:7:*:*:*:*:*:*", matchCriteriaId: "FBE45DD1-630F-448F-90FE-D3CC00266EF1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.2:8:*:*:*:*:*:*", matchCriteriaId: "CFC7DC1F-B4C5-4116-9B53-706F2B3227DD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.3:1:*:*:*:*:*:*", matchCriteriaId: "B8F27E75-90CD-4C3B-AF0E-90EF338A2D91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to read arbitrary files via crafted packets.", }, { lang: "es", value: "El servidor WinCC en Siemens SIMATIC WinCC 7.0 hasta SP3, 7.2 anterior a la actualización 9, y 7.3 anterior a la actualización 2; SIMATIC PCS 7 7.1 hasta SP4, 8.0 hasta SP2; y 8.1; y TIA Portal 13 anterior a la actualización 6 permite a atacantes remotos leer ficheros arbitrarios a través de paquetes manipulados.", }, ], id: "CVE-2014-8552", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-11-26T11:59:01.373", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-05-11 10:29
Modified
2025-04-20 01:37
Severity ?
Summary
A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is member of the "administrators" group to crash services by sending specially crafted messages to the DCOM interface.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | http://www.securityfocus.com/bid/98368 | Third Party Advisory, VDB Entry | |
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-523365.pdf | ||
| productcert@siemens.com | https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/98368 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-523365.pdf | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_wincc | 7.3 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc_\(tia_portal\) | 13 | |
| siemens | simatic_wincc_\(tia_portal\) | 14 | |
| siemens | simatic_wincc_runtime | 13 | |
| siemens | simatic_wincc_runtime | 14 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.3:*:*:*:*:*:*:*", matchCriteriaId: "8D6229A2-9B8E-4F76-8425-589D2CE58B16", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:*:*:*:*:*:*:*", matchCriteriaId: "F64B795A-7E66-49AE-BE40-E8EEAC12D280", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):13:sp1:*:*:professional:*:*:*", matchCriteriaId: "F8FA6B17-FA61-44FC-BAA7-AAC63ECBD996", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):14:*:*:*:professional:*:*:*", matchCriteriaId: "B0E21465-76ED-4803-A40A-539500B993F9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime:13:sp1:*:*:professional:*:*:*", matchCriteriaId: "57CE0216-AA81-416B-88D2-3321D2A2A16D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime:14:*:*:*:professional:*:*:*", matchCriteriaId: "D8893E54-CF26-448A-9C32-90E5F8D8CC84", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1), SIMATIC WinCC Runtime Professional (V13 before SP2 and V14 before SP1), SIMATIC WinCC (TIA Portal) Professional (V13 before SP2 and V14 before SP1) that could allow an authenticated, remote attacker who is member of the \"administrators\" group to crash services by sending specially crafted messages to the DCOM interface.", }, { lang: "es", value: "Se detectó una vulnerabilidad en SIMATIC WinCC (versión V7.3 anterior a Upd 11 y versión V7.4 anterior a SP1), SIMATIC WinCC Runtime Professional (versión V13 anterior a SP2 y versión V14 anterior a SP1), SIMATIC WinCC (TIA Portal) Professional (versión V13 anterior a SP2 y versión V14 anterior a SP1) de Siemens, eso podría permitir a un atacante remoto autenticado, quien es miembro del grupo de los \"administrators\" bloquear los servicios enviando mensajes especialmente diseñados a la interfaz DCOM.", }, ], id: "CVE-2017-6867", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-05-11T10:29:00.260", references: [ { source: "productcert@siemens.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/98368", }, { source: "productcert@siemens.com", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-523365.pdf", }, { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/98368", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-523365.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-156872.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-03-10 20:15
Modified
2024-11-21 04:34
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd3), SIMATIC BATCH V8.1 (All versions), SIMATIC BATCH V8.2 (All versions < V8.2 Upd12), SIMATIC BATCH V9.0 (All versions < V9.0 SP1 Upd5), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Update 1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15.1 (All versions < V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (All versions < V16 Update 1), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 1). Through specially crafted messages, when encrypted communication is enabled, an attacker with network access could use the vulnerability to compromise the availability of the system by causing a Denial-of-Service condition.
Successful exploitation requires no system privileges and no user interaction.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | openpcs_7 | 9.0 | |
| siemens | openpcs_7 | 9.0_update_1 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_net_pc | * | |
| siemens | simatic_net_pc | 16 | |
| siemens | simatic_pcs_7 | 8.1 | |
| siemens | simatic_pcs_7 | 8.2 | |
| siemens | simatic_pcs_7 | 9.0 | |
| siemens | simatic_pcs_7 | 9.0 | |
| siemens | simatic_pcs_7 | 9.0 | |
| siemens | simatic_route_control | * | |
| siemens | simatic_route_control | 9.0 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5.1 | |
| siemens | simatic_wincc | 13 | |
| siemens | simatic_wincc | 13 | |
| siemens | simatic_wincc | 14.0.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 16 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:openpcs_7:9.0:-:*:*:*:*:*:*", matchCriteriaId: "1CBF717A-B2D4-459C-894A-65622570645D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:openpcs_7:9.0_update_1:*:*:*:*:*:*:*", matchCriteriaId: "957DDF70-1837-4E92-A707-944AD6ED4304", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:9.0:-:*:*:*:*:*:*", matchCriteriaId: "E54F6E83-C353-44FB-9F37-C03DA344A5DC", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:9.0:sp1:*:*:*:*:*:*", matchCriteriaId: "3E19D98B-B40A-4589-8C26-7722C25EEC63", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_1:*:*:*:*:*:*", matchCriteriaId: "85CDD274-B2B4-4DB0-9917-C16B5D900006", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_2:*:*:*:*:*:*", matchCriteriaId: "0B435D51-FFA2-4F19-9B51-404BB37D7F0D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_3:*:*:*:*:*:*", matchCriteriaId: "AFBBC7D6-D1D4-452E-A744-B490CF002354", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_4:*:*:*:*:*:*", matchCriteriaId: "98BC62E3-4C0B-481A-9274-B9C785F8FDC5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc:*:*:*:*:*:*:*:*", matchCriteriaId: "744B5953-511F-42CA-80A0-DBE36A6AA144", versionEndExcluding: "16", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc:16:-:*:*:*:*:*:*", matchCriteriaId: "496E3C43-5DA8-4983-8AC6-0F32454E22F3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:8.1:*:*:*:*:*:*:*", matchCriteriaId: "858628AC-EA69-4D72-AE23-77A4A8DE2547", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:8.2:*:*:*:*:*:*:*", matchCriteriaId: "F4A75F15-8F47-4348-A85C-D94BBA8F9992", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:9.0:-:*:*:*:*:*:*", matchCriteriaId: "A42E3FB0-6C66-4702-BDC8-39EEA54B5C0F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:9.0:sp1:*:*:*:*:*:*", matchCriteriaId: "7AA0E077-AB19-473B-9454-8FED7188A2C4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:9.0:sp2:*:*:*:*:*:*", matchCriteriaId: "19EA3CAD-E7CB-412F-A2EA-86A81EC25425", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_route_control:*:*:*:*:*:*:*:*", matchCriteriaId: "885BA05F-BD8F-4DE9-BDD3-6C2C76418B05", versionEndExcluding: "9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_route_control:9.0:-:*:*:*:*:*:*", matchCriteriaId: "57073CE8-174E-429D-A721-AB14C7D16D4F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:-:*:*:*:*:*:*", matchCriteriaId: "3B0BD5DE-C6EF-4B89-831B-DA34DB0D68F6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1:*:*:*:*:*:*", matchCriteriaId: "2637C346-8AAF-481F-AFB0-BAD4254D14F4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_1:*:*:*:*:*:*", matchCriteriaId: "9589FF11-4F9B-40F6-A6C6-55405B9EE351", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_10:*:*:*:*:*:*", matchCriteriaId: "1DB57B3A-C3B6-4E61-9DAE-B12CEA8CD093", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_11:*:*:*:*:*:*", matchCriteriaId: "EA6B2933-9C44-480C-96DC-6DF8C88950AF", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_12:*:*:*:*:*:*", matchCriteriaId: "45097864-DD87-4587-997B-792F0175472B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_13:*:*:*:*:*:*", matchCriteriaId: "2FB24A30-0F93-430D-817E-05E4594C8823", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_2:*:*:*:*:*:*", matchCriteriaId: "25237B9A-2E51-4F17-BD75-04D245CCC51D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_3:*:*:*:*:*:*", matchCriteriaId: "90643D49-9EFC-4B9A-99C8-266135DF2E00", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_4:*:*:*:*:*:*", matchCriteriaId: "AC4D7B24-91FF-4891-ABC3-683A6C72ADDA", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_5:*:*:*:*:*:*", matchCriteriaId: "D1DD77A4-1716-4793-AD73-79D04E3D2AEE", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_6:*:*:*:*:*:*", matchCriteriaId: "5E667123-6909-4DF2-8CEB-6E87E9FC48BC", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_7:*:*:*:*:*:*", matchCriteriaId: "04A5C76A-5D6D-47F8-BEF7-503F9A89AD18", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_8:*:*:*:*:*:*", matchCriteriaId: "E776629C-904C-49D6-BF3F-8520FA7D5DFA", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_9:*:*:*:*:*:*", matchCriteriaId: "805DAA15-03A3-4F63-90F7-EA130E5136F2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:-:*:*:*:*:*:*", matchCriteriaId: "E79DA14E-419C-49BA-8E4F-2907E1D8937F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1:-:*:*:*:*:*", matchCriteriaId: "00A48A8E-C112-4778-8A7B-2386E88A0177", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5.1:-:*:*:*:*:*:*", matchCriteriaId: "D3D10C7E-5FD5-4B37-884B-B450DE5F800B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:13:-:*:*:*:*:*:*", matchCriteriaId: "0D9FE447-2090-47D2-8667-5DC7605089BB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:13:sp1:*:*:*:*:*:*", matchCriteriaId: "BB4FFADC-51F0-439F-9F80-D2B2614FFC39", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:14.0.1:*:*:*:*:*:*:*", matchCriteriaId: "CE5A7162-F1B5-4E74-99D6-4108AC4C49FC", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:-:*:*:*:*:*:*", matchCriteriaId: "50B77C2A-4D66-4407-8CA4-99C43ED72DDB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_1:*:*:*:*:*:*", matchCriteriaId: "9794ED7E-EB17-4C95-B900-840A48758F03", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_2:*:*:*:*:*:*", matchCriteriaId: "57E82CFE-4191-4055-A0BA-EAB7BE96D947", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_3:*:*:*:*:*:*", matchCriteriaId: "C4DBBDAA-BCAE-4B63-BDFC-3DD70DAD9B7D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_4:*:*:*:*:*:*", matchCriteriaId: "B5AF87C6-F8D6-4462-9DF5-B9D301002B1C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:-:*:*:*:*:*:*", matchCriteriaId: "A4316924-9EF8-4835-A2E4-0C81F4DE473D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd3), SIMATIC BATCH V8.1 (All versions), SIMATIC BATCH V8.2 (All versions < V8.2 Upd12), SIMATIC BATCH V9.0 (All versions < V9.0 SP1 Upd5), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Update 1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15.1 (All versions < V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (All versions < V16 Update 1), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 1). Through specially crafted messages, when encrypted communication is enabled, an attacker with network access could use the vulnerability to compromise the availability of the system by causing a Denial-of-Service condition.\nSuccessful exploitation requires no system privileges and no user interaction.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en OpenPCS 7 V8.1 (Todas las versiones), OpenPCS 7 V8.2 (Todas las versiones), OpenPCS 7 V9.0 (Todas las versiones anteriores a V9.0 Upd3), SIMATIC BATCH V8.1 (Todas las versiones), SIMATIC BATCH V8.2 (Todas las versiones), SIMATIC BATCH V9.0 (Todas las versiones anteriores a V9. 0 SP1 Upd5), SIMATIC NET PC Software V14 (Todas las versiones anteriores a V14 SP1 Update 14), SIMATIC NET PC Software V15 (Todas las versiones), SIMATIC NET PC Software V16 (Todas las versiones anteriores a V16 Update 1), SIMATIC PCS 7 V8.1 (Todas las versiones), SIMATIC PCS 7 V8.2 (Todas las versiones), SIMATIC PCS 7 V9.0 (Todas las versiones anteriores a V9. 0 SP3), SIMATIC Route Control V8.1 (Todas las versiones), SIMATIC Route Control V8.2 (Todas las versiones), SIMATIC Route Control V9.0 (Todas las versiones anteriores a V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (Todas las versiones anteriores a V13 SP2), SIMATIC WinCC (TIA Portal) V14 (Todas las versiones anteriores a V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15. 1 (Todas las versiones anteriores a V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (Todas las versiones anteriores a V16 Update 1), SIMATIC WinCC V7.3 (Todas las versiones), SIMATIC WinCC V7.4 (Todas las versiones anteriores a V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (Todas las versiones anteriores a V7.5 SP1 Update 1). A través de mensajes especialmente diseñados, cuando la comunicación cifrada está habilitada, un atacante con acceso a la red podría utilizar la vulnerabilidad para comprometer la disponibilidad del sistema causando una condición de denegación de servicio. La explotación exitosa no requiere privilegios del sistema ni interacción del usuario", }, ], id: "CVE-2019-19282", lastModified: "2024-11-21T04:34:29.480", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Secondary", }, ], }, published: "2020-03-10T20:15:18.960", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-131", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2022-05-20 13:15
Modified
2024-11-21 06:50
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC06), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1 UC01), SIMATIC WinCC Runtime Professional V16 and earlier (All versions), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Upd4), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 21), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 8). A missing printer configuration on the host could allow an authenticated attacker to escape the WinCC Kiosk Mode.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-363107.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-363107.pdf | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_pcs_7 | 9.1 | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc_runtime_professional | * | |
| siemens | simatic_wincc_runtime_professional | 17 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "DFA18372-7E7D-4C51-8FA0-EE193DECB88D", versionEndIncluding: "9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:9.1:*:*:*:*:*:*:*", matchCriteriaId: "8852CFC7-FE90-4654-9F85-9181884F948E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2E9785-246F-496B-9139-02E2F4003352", versionEndIncluding: "7.4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:-:*:*:*:*:*:*", matchCriteriaId: "E79DA14E-419C-49BA-8E4F-2907E1D8937F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1:*:*:*:*:*:*", matchCriteriaId: "81F9C13C-065C-4E40-BB46-687D791348A9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update1:*:*:*:*:*:*", matchCriteriaId: "5CF06E69-0A23-418D-B0EC-574DACBB4DD9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update2:*:*:*:*:*:*", matchCriteriaId: "9164EAC1-C416-4F1F-A910-CE84A167A6D1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2:*:*:*:*:*:*", matchCriteriaId: "3422B714-DB0F-4EE3-A7D4-9A0165214563", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update1:*:*:*:*:*:*", matchCriteriaId: "70B79B00-F61D-4F10-AD7B-74718F061D9E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update2:*:*:*:*:*:*", matchCriteriaId: "A8766442-CC8D-4221-89B8-F75D195F71E8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update3:*:*:*:*:*:*", matchCriteriaId: "26C08FB9-AFEB-4A53-AAB3-37C9717B30C5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update4:*:*:*:*:*:*", matchCriteriaId: "68896900-7FCC-4BFB-B787-8992B459F00D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update5:*:*:*:*:*:*", matchCriteriaId: "1059B529-02F0-4C85-A35E-2282546FA990", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update6:*:*:*:*:*:*", matchCriteriaId: "938D44C5-7B26-4400-970D-B3AA50DDD055", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update7:*:*:*:*:*:*", matchCriteriaId: "E9E28D92-0643-4967-94C5-8B8F414158A3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:*:*:*:*:*:*:*", matchCriteriaId: "EC34D005-A65F-4AFE-BF1F-53A5AC950A22", versionEndIncluding: "16", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:17:*:*:*:*:*:*:*", matchCriteriaId: "9B76C5CC-652F-4117-8214-E219C12AA082", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC06), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1 UC01), SIMATIC WinCC Runtime Professional V16 and earlier (All versions), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Upd4), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 21), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 8). A missing printer configuration on the host could allow an authenticated attacker to escape the WinCC Kiosk Mode.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC PCS 7 V9.0 y anteriores (Todas las versiones), SIMATIC PCS 7 V9.1 (Todas las versiones anteriores V9.1 SP1 UC01), SIMATIC WinCC Runtime Professional V16 y anteriores (Todas las versiones), SIMATIC WinCC Runtime Professional V17 (Todas las versiones anteriores V17 Upd4), SIMATIC WinCC V7.4 y anteriores (Todas las versiones), SIMATIC WinCC V7.5 (Todas las versiones anteriores V7.5 SP2 Update 8). Un atacante autenticado podría escapar del modo quiosco de WinCC abriendo el cuadro de diálogo de la impresora en la aplicación afectada en caso de que no haya ninguna impresora instalada", }, ], id: "CVE-2022-24287", lastModified: "2024-11-21T06:50:05.667", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Secondary", }, ], }, published: "2022-05-20T13:15:14.680", references: [ { source: "productcert@siemens.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-363107.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-363107.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-1188", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-1188", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-09 17:15
Modified
2024-11-21 04:54
Severity ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC WinCC (All versions < V7.5 SP2). Due to an insecure password verification process, an attacker could bypass the password protection set on protected files, thus being granted access to the protected content, circumventing authentication.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "13E3BDF0-B691-4A97-A74A-A65EC910480E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", matchCriteriaId: "C32103C4-3706-47F0-B626-FA9EFB0643D1", versionEndExcluding: "7.5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1:*:*:*:*:*:*", matchCriteriaId: "81F9C13C-065C-4E40-BB46-687D791348A9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update1:*:*:*:*:*:*", matchCriteriaId: "5CF06E69-0A23-418D-B0EC-574DACBB4DD9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update2:*:*:*:*:*:*", matchCriteriaId: "9164EAC1-C416-4F1F-A910-CE84A167A6D1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC WinCC (All versions < V7.5 SP2). Due to an insecure password verification process, an attacker could bypass the password protection set on protected files, thus being granted access to the protected content, circumventing authentication.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC PCS 7 (todas las versiones), SIMATIC WinCC (todas las versiones anteriores a V7.5 SP2). Debido a un proceso de verificación de contraseña no seguro, un atacante podría omitir la protección con contraseña establecida en los archivos protegidos, obteniendo así acceso al contenido protegido, evitando la autenticación", }, ], id: "CVE-2020-10048", lastModified: "2024-11-21T04:54:42.183", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-09T17:15:13.360", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-944678.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-944678.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-288", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-04-24 17:29
Modified
2024-11-21 04:07
Severity ?
Summary
A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions < V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions < V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions < V8.2 Upd10), SIMATIC BATCH V9.0 (All versions < V9.0 SP1), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions < 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions < WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions < WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html | Third Party Advisory, VDB Entry | |
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf | Mitigation, Vendor Advisory | |
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | openpcs_7 | * | |
| siemens | openpcs_7 | 8.0 | |
| siemens | openpcs_7 | 8.1 | |
| siemens | openpcs_7 | 8.1 | |
| siemens | openpcs_7 | 8.1 | |
| siemens | openpcs_7 | 8.1 | |
| siemens | openpcs_7 | 8.1 | |
| siemens | openpcs_7 | 8.2 | |
| siemens | openpcs_7 | 9.0 | |
| siemens | simatic_batch | 7.1 | |
| siemens | simatic_batch | 8.0 | |
| siemens | simatic_batch | 8.0 | |
| siemens | simatic_batch | 8.1 | |
| siemens | simatic_batch | 8.1 | |
| siemens | simatic_batch | 8.1 | |
| siemens | simatic_batch | 8.2 | |
| siemens | simatic_batch | 8.2 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_net_pc | * | |
| siemens | simatic_net_pc | 15 | |
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_pcs_7 | 8.0 | |
| siemens | simatic_pcs_7 | 8.1 | |
| siemens | simatic_pcs_7 | 8.2 | |
| siemens | simatic_pcs_7 | 9.0 | |
| siemens | simatic_route_control | * | |
| siemens | simatic_route_control | 8.0 | |
| siemens | simatic_route_control | 8.1 | |
| siemens | simatic_route_control | 9.0 | |
| siemens | simatic_wincc_runtime_professional | * | |
| siemens | simatic_wincc_runtime_professional | 13 | |
| siemens | simatic_wincc_runtime_professional | 13 | |
| siemens | simatic_wincc_runtime_professional | 14 | |
| siemens | simatic_wincc_runtime_professional | 14 | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.3 | |
| siemens | simatic_wincc | 7.3 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | sppa-t3000_application_server | * | |
| siemens | sppa-t3000_application_server | r8.2 | |
| siemens | sppa-t3000_application_server | r8.2 | |
| siemens | simatic_net_pc | * | |
| siemens | simatic_net_pc | 15 | |
| siemens | simatic_net_pc_software | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:openpcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "E2CDCCD5-E4C7-4E52-8316-07F93E820842", versionEndIncluding: "7.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:openpcs_7:8.0:*:*:*:*:*:*:*", matchCriteriaId: "63F01837-6121-48E3-A18C-691AAC2800BD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:openpcs_7:8.1:-:*:*:*:*:*:*", matchCriteriaId: "781DC7D3-D470-465E-8E0A-9978CB2A6454", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:openpcs_7:8.1:upd_1:*:*:*:*:*:*", matchCriteriaId: "726E5A2D-97EA-415A-A251-66A975B3F98C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:openpcs_7:8.1:upd_2:*:*:*:*:*:*", matchCriteriaId: "ED9B2A87-0C1E-476E-AF7E-71EAB0CECEF0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:openpcs_7:8.1:upd_3:*:*:*:*:*:*", matchCriteriaId: "20D3788F-FD9E-4A0F-A7C7-843B1ED67D34", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:openpcs_7:8.1:upd_4:*:*:*:*:*:*", matchCriteriaId: "F8186041-B1D6-4460-ACA7-23494D1F0E7C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:openpcs_7:8.2:*:*:*:*:*:*:*", matchCriteriaId: "AF8FF2D9-B31F-46DC-AF37-E0314F3D0B32", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:openpcs_7:9.0:*:*:*:*:*:*:*", matchCriteriaId: "3890EC18-2B5D-4B5A-8B21-6A0D1211EA98", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_batch:7.1:*:*:*:*:*:*:*", matchCriteriaId: "9E94E0B9-2950-42CA-837E-7900F820A9F9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:8.0:-:*:*:*:*:*:*", matchCriteriaId: "2C782AC7-6EAB-4F35-A646-52A4AC77E1D7", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:8.0:sp1_upd20:*:*:*:*:*:*", matchCriteriaId: "3C509A97-9DD2-413A-A7ED-B30FD9E5C98F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:8.1:-:*:*:*:*:*:*", matchCriteriaId: "EE12DBC8-CD75-4517-BD3B-709E98B4D280", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:8.1:sp1_upd14:*:*:*:*:*:*", matchCriteriaId: "38894CBB-44DA-4690-B762-4AA497C95037", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:8.1:sp1_upd15:*:*:*:*:*:*", matchCriteriaId: "59178885-4A50-4AC6-A3BE-B288A1F6B5F9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:8.2:-:*:*:*:*:*:*", matchCriteriaId: "4CAFD7F2-BB23-4E3A-A30E-78290D5EAB47", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:8.2:upd_9:*:*:*:*:*:*", matchCriteriaId: "F043FAC3-661C-4226-AA70-7EF836DDBA55", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:9.0:*:*:*:*:*:*:*", matchCriteriaId: "4E1EFC3E-F29B-48C5-869C-F356414C8088", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_net_pc:*:*:*:*:*:*:*:*", matchCriteriaId: "3C06726E-497A-4FEF-8B4B-AF3F7B0EEFA4", versionEndExcluding: "15", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc:15:-:*:*:*:*:*:*", matchCriteriaId: "7DF90C44-4AC2-4B2B-8712-30CD3DE96B22", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "4DFBFF6B-DBC8-451D-A235-4C7E1F0883D5", versionEndIncluding: "7.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:8.0:*:*:*:*:*:*:*", matchCriteriaId: "3566C20F-A4A7-494F-AAD2-A11B0AD783D2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:8.1:*:*:*:*:*:*:*", matchCriteriaId: "858628AC-EA69-4D72-AE23-77A4A8DE2547", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:8.2:-:*:*:*:*:*:*", matchCriteriaId: "3EEF9BE1-F6E2-4C05-8020-4D7540882464", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:9.0:-:*:*:*:*:*:*", matchCriteriaId: "A42E3FB0-6C66-4702-BDC8-39EEA54B5C0F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_route_control:*:*:*:*:*:*:*:*", matchCriteriaId: "20927394-2126-48C5-B0D5-88E16B6491DA", versionEndIncluding: "7.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_route_control:8.0:*:*:*:*:*:*:*", matchCriteriaId: "ACF395C1-AA95-4064-BDEF-9B3C30FF6B29", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_route_control:8.1:*:*:*:*:*:*:*", matchCriteriaId: "BF693D1E-091C-4CBE-957C-58C47B4E44D4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_route_control:9.0:-:*:*:*:*:*:*", matchCriteriaId: "57073CE8-174E-429D-A721-AB14C7D16D4F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:*:*:*:*:*:*:*", matchCriteriaId: "6AAE5EBD-1B43-447D-8C19-9D3296F137F9", versionEndExcluding: "13", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:13:-:*:*:*:*:*:*", matchCriteriaId: "00B0EEF6-E1F9-4AEB-82AA-445D161639D3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:13:sp2_upd_1:*:*:*:*:*:*", matchCriteriaId: "DB8D7040-0223-413F-B87F-3417CFA50BB8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:14:-:*:*:*:*:*:*", matchCriteriaId: "17F622A5-75AE-4E5C-80CB-53C39EAE356D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:14:sp1_upd_4:*:*:*:*:*:*", matchCriteriaId: "8D2F5FA7-6B23-413C-AF6D-CA95EDA59212", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", matchCriteriaId: "C9C72CD2-86C8-4E79-AF98-A3D58E882DED", versionEndExcluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.2:-:*:*:*:*:*:*", matchCriteriaId: "EF42322A-1E6E-44F6-B943-DC56E87F80D2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.2:upd_14:*:*:*:*:*:*", matchCriteriaId: "A54099D6-1E2E-4DC5-98FD-6004758C581A", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.3:-:*:*:*:*:*:*", matchCriteriaId: "AE3690D0-60A7-4E52-A36A-ADBA01F8D99F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.3:upd_15:*:*:*:*:*:*", matchCriteriaId: "98174EBE-EC43-431C-B943-11B21A167A79", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:-:*:*:*:*:*:*", matchCriteriaId: "3B0BD5DE-C6EF-4B89-831B-DA34DB0D68F6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1:*:*:*:*:*:*", matchCriteriaId: "2637C346-8AAF-481F-AFB0-BAD4254D14F4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_upd_3:*:*:*:*:*:*", matchCriteriaId: "9A699260-A239-46BE-BF64-A767D4F267FC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sppa-t3000_application_server:*:*:*:*:*:*:*:*", matchCriteriaId: "5CE233B0-3F20-4FA8-8E26-CCC3E21E49E1", versionEndExcluding: "r8.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sppa-t3000_application_server:r8.2:-:*:*:*:*:*:*", matchCriteriaId: "4EBA7673-3A24-4DF7-9D9C-4B863863083C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sppa-t3000_application_server:r8.2:sp1:*:*:*:*:*:*", matchCriteriaId: "D0975E8C-C34F-4BD2-B4CF-41E5FBFD8A12", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_net_pc:*:*:*:*:*:*:*:*", matchCriteriaId: "3C06726E-497A-4FEF-8B4B-AF3F7B0EEFA4", versionEndExcluding: "15", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc:15:-:*:*:*:*:*:*", matchCriteriaId: "7DF90C44-4AC2-4B2B-8712-30CD3DE96B22", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc_software:*:*:*:*:*:*:*:*", matchCriteriaId: "7A28DF82-4863-47FA-82FF-C3D63CFB1782", versionEndExcluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions < V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions < V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions < V8.2 Upd10), SIMATIC BATCH V9.0 (All versions < V9.0 SP1), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions < 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions < WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions < WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en OpenPCS 7 V7.1 y anteriores (Todas las versiones), OpenPCS 7 V8.0 (Todas las versiones), OpenPCS 7 V8.1 (Todas las versiones anteriores a V8.1 Upd5), OpenPCS 7 V8. 2 (Todas las versiones), OpenPCS 7 V9.0 (Todas las versiones anteriores a V9.0 Upd1), SIMATIC BATCH V7.1 y anteriores (Todas las versiones), SIMATIC BATCH V8.0 (Todas las versiones anteriores a V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (Todas las versiones anteriores a V8. 1 SP1 Upd16), SIMATIC BATCH V8.2 (Todas las versiones anteriores a V8.2 Upd10), SIMATIC BATCH V9.0 (Todas las versiones anteriores a V9.0 SP1), SIMATIC NET PC Software V14 (Todas las versiones anteriores a V14 SP1 Update 14), SIMATIC NET PC Software V15 (Todas las versiones anteriores a 15 SP1), SIMATIC PCS 7 V7. 1 y anteriores (Todas las versiones), SIMATIC PCS 7 V8.0 (Todas las versiones), SIMATIC PCS 7 V8.1 (Todas las versiones), SIMATIC PCS 7 V8. 2 (Todas las versiones anteriores a V8.2 SP1), SIMATIC PCS 7 V9.0 (Todas las versiones anteriores a V9.0 SP1), SIMATIC Route Control V7.1 y anteriores (Todas las versiones), SIMATIC Route Control V8.0 (Todas las versiones), SIMATIC Route Control V8.1 (Todas las versiones), SIMATIC Route Control V8.2 (Todas las versiones), SIMATIC Route Control V9.0 (Todas las versiones anteriores a V9. 0 Upd1), SIMATIC WinCC Runtime Professional V13 (Todas las versiones anteriores a V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (Todas las versiones anteriores a V14 SP1 Upd5), SIMATIC WinCC V7.2 y anteriores (Todas las versiones anteriores a WinCC 7. 2 Upd 15), SIMATIC WinCC V7.3 (Todas las versiones anteriores a WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (Todas las versiones anteriores a V7.4 SP1 Upd 4), SPPA-T3000 Application Server (Todas las versiones anteriores a Service Pack R8.2 SP2). Los mensajes especialmente diseñados enviados al servicio RPC de los productos afectados podrían causar una condición de denegación de servicio en la funcionalidad de comunicación remota y local de los productos afectados. Es necesario reiniciar el sistema para recuperar la funcionalidad de comunicación remota y local. Tenga en cuenta que un atacante necesita tener acceso a la red del servidor de aplicaciones para poder explotar esta vulnerabilidad. En el momento de la publicación del aviso no se conocía ninguna explotación pública de esta vulnerabilidad de seguridad", }, ], id: "CVE-2018-4832", lastModified: "2024-11-21T04:07:32.557", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-04-24T17:29:00.227", references: [ { source: "productcert@siemens.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html", }, { source: "productcert@siemens.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf", }, { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-14 20:29
Modified
2024-11-21 04:20
Severity ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges. The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf | Vendor Advisory | |
| productcert@siemens.com | https://www.us-cert.gov/ics/advisories/ICSA-19-134-08 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/ICSA-19-134-08 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_pcs_7 | 8.1 | |
| siemens | simatic_pcs_7 | 8.2 | |
| siemens | simatic_pcs_7 | 9.0 | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc | 7.3 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc_\(tia_portal\) | 13.0 | |
| siemens | simatic_wincc_\(tia_portal\) | 14.0 | |
| siemens | simatic_wincc_\(tia_portal\) | 15.0 | |
| siemens | simatic_wincc_runtime_professional | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "78F045C4-8DC2-4FA8-833D-B430EA26F2A0", versionEndIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:8.1:*:*:*:*:*:*:*", matchCriteriaId: "858628AC-EA69-4D72-AE23-77A4A8DE2547", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:8.2:*:*:*:*:*:*:*", matchCriteriaId: "F4A75F15-8F47-4348-A85C-D94BBA8F9992", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:9.0:*:*:*:*:*:*:*", matchCriteriaId: "3F27A96F-58B7-492F-8CF7-DE04D4EDAAD8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", matchCriteriaId: "23B89914-E5BA-4670-B692-092AE9FFE148", versionEndIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.3:*:*:*:*:*:*:*", matchCriteriaId: "8D6229A2-9B8E-4F76-8425-589D2CE58B16", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:*:*:*:*:*:*:*", matchCriteriaId: "F64B795A-7E66-49AE-BE40-E8EEAC12D280", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:*:*:*:*:*:*:*", matchCriteriaId: "7D3A0BA7-EDC9-428D-A9C9-1CF602CEDFB5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):13.0:*:*:*:*:*:*:*", matchCriteriaId: "E3D1A823-CE50-441F-B060-DA678DFE24FD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):14.0:*:*:*:*:*:*:*", matchCriteriaId: "28A1BA01-7A92-4368-8A73-8FA47A08BC53", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):15.0:*:*:*:*:*:*:*", matchCriteriaId: "0256663E-3A97-4E99-995D-7446804DB496", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:*:*:*:*:*:*:*", matchCriteriaId: "E07DBA91-379C-40F5-8C45-6EC302F5CA7D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An authenticatd attacker with network access to the DCOM interface could execute arbitrary commands with SYSTEM privileges. The vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires authentication with a low-privileged user account and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC PCS 7 V8.0 y anteriores (Todas las versiones), SIMATIC PCS 7 V8.1 (Todas las versiones anteriores a la versión V8.1 con WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (Todas las versiones anteriores a la versión V8.2 SP1 con WinCC V7.4 SP1 Upd 11), SIMATIC PCS 7 V9.0 (Todas las versiones anteriores a la versión V9.0 SP2 con WinCC V7.4 SP1 Upd11), SIMATIC WinCC Professional (TIA Portal V13) (Todas las versiones) , SIMATIC WinCC Professional (TIA Portal V14) (Todas las versiones anteriores a la versión V14 SP1 Upd 9), SIMATIC WinCC Professional (TIA Portal V15) (Todas las versiones anteriores a la versión V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (Todas las versiones), SIMATIC WinCC Runtime Professional V14 (Todas las versiones anteriores a la versión V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (Todas las versiones anteriores a la versión V15.1 Upd 3), SIMATIC WinCC V7.2 y anteriores (Todas las versiones), SIMATIC WinCC V7.3 (Todas las versiones anteriores a la versión V7.3 Upd 19), SIMATIC WinCC V7.4 (Todas las versiones anteriores a la versión V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (Todas las versiones anteriores a la versión V7.5 Upd 3). La aplicación web SIMATIC WinCC DataMonitor de los productos afectados permite cargar código ASPX arbitrario. La vulnerbilidad de seguridad podría ser explotada por un atacante autenticado con acceso de red a la aplicación WinCC DataMonitor. No se requiere interacción del usuario para explotar esta vulnerabilidad. La vulnerabilidad afecta la confidencialidad, integridad y disponibilidad del dispositivo afectado. En la etapa de publicación de este aviso de seguridad no se conoce explotación pública.", }, ], id: "CVE-2019-10918", lastModified: "2024-11-21T04:20:08.927", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-14T20:29:02.483", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf", }, { source: "productcert@siemens.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-749", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-07-22 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.2 Update 1 as distributed in SIMATIC PCS 7 8.2, and SIMATIC WinCC Runtime Professional before 13 SP1 Update 9 allow remote attackers to execute arbitrary code via crafted packets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/92112 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id/1036441 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf | Mitigation, Vendor Advisory | |
| cve@mitre.org | https://ics-cert.us-cert.gov/advisories/ICSA-16-208-01 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/92112 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036441 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-16-208-01 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_batch | * | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc | * | |
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_openpcs_7 | * | |
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_openpcs_7 | * | |
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_wincc_runtime_professional | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_batch:*:*:*:*:*:*:*:*", matchCriteriaId: "640FFC01-A0B7-466F-AE23-4BAEAADA4D7C", versionEndIncluding: "7.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", matchCriteriaId: "441E574D-1A66-4D8B-A0C5-4CC03E1D89D1", versionEndIncluding: "7.3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2E9785-246F-496B-9139-02E2F4003352", versionEndIncluding: "7.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:sp1:*:*:*:*:*:*", matchCriteriaId: "9B434F8E-7E14-4D76-AC55-A15EF8EC10FB", versionEndIncluding: "8.1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_openpcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "E38B1737-F40A-4278-8687-6928AE03B0C0", versionEndIncluding: "8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:sp1:*:*:*:*:*:*", matchCriteriaId: "9B434F8E-7E14-4D76-AC55-A15EF8EC10FB", versionEndIncluding: "8.1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_openpcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "4A18AA81-7FC3-4977-AFC9-77920845C8B8", versionEndIncluding: "8.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "8B62697B-2F75-44EA-A1F8-14BF9D1F99CC", versionEndIncluding: "8.2", vulnerable: false, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:sp1:*:*:*:*:*:*", matchCriteriaId: "7F133189-C3AB-4FFD-9B5C-F181CFE50671", versionEndIncluding: "13", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Siemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.2 Update 1 as distributed in SIMATIC PCS 7 8.2, and SIMATIC WinCC Runtime Professional before 13 SP1 Update 9 allow remote attackers to execute arbitrary code via crafted packets.", }, { lang: "es", value: "Siemens SIMATIC WinCC en versiones anteriores a 7.3 Update 10 y 7.4 en versiones anteriores a Update 1, SIMATIC BATCH en versiones anteriores a 8.1 SP1 Update 9 según se distribuye en SIMATIC PCS 7 hasta la versión 8.1 SP1, SIMATIC OpenPCS 7 en versiones anteriores a 8.1 Update 3 según se distribuye en SIMATIC PCS 7 hasta la versión 8.1 SP1, SIMATIC OpenPCS 7 en versiones anteriores a 8.2 Update 1 según se distribuye en SIMATIC PCS 7 8.2 y SIMATIC WinCC Runtime Professional en versiones anteriores a 13 SP1 Update 9 permite a atacantes remotos ejecutar código arbitrario a través de paquetes manipulados.", }, ], id: "CVE-2016-5743", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-07-22T15:59:00.147", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92112", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036441", }, { source: "cve@mitre.org", tags: [ "Mitigation", "Vendor Advisory", ], url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf", }, { source: "cve@mitre.org", url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-208-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92112", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036441", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-208-01", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-05-11 10:29
Modified
2025-04-20 01:37
Severity ?
Summary
A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC Automation Tool (All versions < V3.0), SIMATIC NET PC-Software (All versions < V14 SP1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1), SIMATIC STEP 7 V5.X (All versions < V5.6), SIMATIC WinAC RTX 2010 SP2 (All versions), SIMATIC WinAC RTX F 2010 SP2 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1), SIMATIC WinCC V7.2 and prior (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Update 15), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd1), SIMATIC WinCC flexible 2008 (All versions < flexible 2008 SP5), SINAUT ST7CC (All versions installed in conjunction with SIMATIC WinCC < V7.3 Update 15), SINEMA Server (All versions < V14), SINUMERIK 808D Programming Tool (All versions < V4.7 SP4 HF2), SMART PC Access (All versions < V2.3), STEP 7 - Micro/WIN SMART (All versions < V2.3), Security Configuration Tool (SCT) (All versions < V5.0). Specially crafted PROFINET DCP broadcast packets sent to the affected products on a local Ethernet segment (Layer 2) could cause a Denial-of-Service condition of some services. The services require manual restart to recover.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-275839.pdf | ||
| productcert@siemens.com | https://www.securityfocus.com/bid/98366 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-275839.pdf | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.securityfocus.com/bid/98366 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | pcs_7 | - | |
| siemens | primary_setup_tool | - | |
| siemens | security_configuration_tool | - | |
| siemens | simatic_automation_tool | - | |
| siemens | simatic_net_pc-software | - | |
| siemens | simatic_step_7_\(tia_portal\) | 5.0 | |
| siemens | simatic_step_7_\(tia_portal\) | 13.0 | |
| siemens | simatic_step_7_\(tia_portal\) | 14.0 | |
| siemens | simatic_step_7_micro\/win_smart | - | |
| siemens | simatic_winac_rtx_2010 | - | |
| siemens | simatic_winac_rtx_f_2010 | - | |
| siemens | simatic_wincc | - | |
| siemens | simatic_wincc_\(tia_portal\) | 13.0 | |
| siemens | simatic_wincc_\(tia_portal\) | 14.0 | |
| siemens | simatic_wincc_flexible_2008 | - | |
| siemens | sinaut_st7cc | - | |
| siemens | sinema_server | - | |
| siemens | sinumerik_808d_programming_tool | - | |
| siemens | smart_pc_access | 2.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:pcs_7:-:*:*:*:*:*:*:*", matchCriteriaId: "399B0B7B-17F7-463C-A124-5DE77337E212", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:primary_setup_tool:-:*:*:*:*:*:*:*", matchCriteriaId: "8046A64D-4C80-4199-B1A7-F77D02428ACD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:security_configuration_tool:-:*:*:*:*:*:*:*", matchCriteriaId: "C33765E4-619E-4566-BF96-4A7C8776A0CB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_automation_tool:-:*:*:*:*:*:*:*", matchCriteriaId: "5306C1B1-5944-49F1-8BEC-5F811C891BED", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc-software:-:*:*:*:*:*:*:*", matchCriteriaId: "6BE3E184-1158-488C-A689-34C70C6861F4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):5.0:*:*:*:*:*:*:*", matchCriteriaId: "3F096B1D-366B-4E2E-A03F-607559623FE8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):13.0:*:*:*:*:*:*:*", matchCriteriaId: "32A02189-0785-4A64-BC00-830733F21792", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):14.0:*:*:*:*:*:*:*", matchCriteriaId: "62D57BAA-A31B-4369-837D-90796779C487", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7_micro\\/win_smart:-:*:*:*:*:*:*:*", matchCriteriaId: "00CA4054-615D-4821-909A-411E4BCD3D06", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_winac_rtx_2010:-:sp2:*:*:*:*:*:*", matchCriteriaId: "9D74E76A-5EE5-41AE-9C56-742EC9AD1408", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_winac_rtx_f_2010:-:sp2:*:*:*:*:*:*", matchCriteriaId: "FB81FD88-3D70-4413-B035-93A3D5389170", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:-:*:*:*:*:*:*:*", matchCriteriaId: "0F7BB505-A6B6-4200-9602-E4D348E407AB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):13.0:*:*:*:*:*:*:*", matchCriteriaId: "E3D1A823-CE50-441F-B060-DA678DFE24FD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):14.0:*:*:*:*:*:*:*", matchCriteriaId: "28A1BA01-7A92-4368-8A73-8FA47A08BC53", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_flexible_2008:-:*:*:*:*:*:*:*", matchCriteriaId: "E2429ABE-55D8-4E6D-89EB-CE016B9336ED", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinaut_st7cc:-:*:*:*:*:*:*:*", matchCriteriaId: "0BCB1BDC-91E7-48DC-85BA-45A2B5B840B0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_server:-:*:*:*:*:*:*:*", matchCriteriaId: "DCC74BDB-87BD-40E1-8426-0353266F194E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinumerik_808d_programming_tool:-:*:*:*:*:*:*:*", matchCriteriaId: "B82B7F7E-C9D4-4B31-9482-41BF35C8F470", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:smart_pc_access:2.0:*:*:*:*:*:*:*", matchCriteriaId: "F54273D3-5C43-4343-B71F-FAD16A5CEF50", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC Automation Tool (All versions < V3.0), SIMATIC NET PC-Software (All versions < V14 SP1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1), SIMATIC STEP 7 V5.X (All versions < V5.6), SIMATIC WinAC RTX 2010 SP2 (All versions), SIMATIC WinAC RTX F 2010 SP2 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1), SIMATIC WinCC V7.2 and prior (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Update 15), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd1), SIMATIC WinCC flexible 2008 (All versions < flexible 2008 SP5), SINAUT ST7CC (All versions installed in conjunction with SIMATIC WinCC < V7.3 Update 15), SINEMA Server (All versions < V14), SINUMERIK 808D Programming Tool (All versions < V4.7 SP4 HF2), SMART PC Access (All versions < V2.3), STEP 7 - Micro/WIN SMART (All versions < V2.3), Security Configuration Tool (SCT) (All versions < V5.0). Specially crafted PROFINET DCP broadcast packets sent to the affected products on a local Ethernet segment (Layer 2) could cause a Denial-of-Service condition of some services. The services require manual restart to recover.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en Primary Setup Tool (PST) (todas las versiones 4.2 HF1), SIMATIC Automation Tool (todas las versiones 3.0), SIMATIC NET PC-software (todas las versiones 14 SP1), SIMATIC PCS 7 Versión 8.1 (todas las versiones), SIMATIC PCS 7 Versión 8.2 (todas las versiones 8.2 SP1), SIMATIC STEP Versión 7 (TIA Portal) Versión 13 (todas las versiones 13 SP2), SIMATIC STEP Versión 7 (TIA Portal) Versión 14 (todas las versiones 14 SP1), SIMATIC STEP 7 Versión 5.x (todas las versiones 5.6), SIMATIC WinAC RTX 2010 SP2 (todas las versiones), SIMATIC WinAC RTX F 2010 SP2 (todas versiones), SIMATIC WinCC (TIA Portal) Versión 13 (todas las versiones 13 SP2), SIMATIC WinCC (TIA Portal) Versión 14 (todas las versiones 14 SP1), SIMATIC WinCC Versión 7.2 y anteriores (todos versiones), SIMATIC WinCC Versión 7.3 (todas las versiones 7.3 actualización 15), SIMATIC WinCC Versión 7.4 (todas las versiones 7.4 SP1 Upd1), SIMATIC WinCC flexible 2008 (todas las versiones anteriores a flexible 2008 SP5), SINAUT ST7CC (todas las versiones instaladas en conjunto con SIMATIC WinCC Versión 7.3 actualización 15), SINEMA Server (todas las versiones 14), SINUMERIK 808D Programming Tool (todas las versiones 4.7 SP4 HF2), SMART PC Access (todas las versiones 2.3), STEP 7 - Micro/WIN SMART (todas las versiones 2.3), Security Configuration Tool (SCT) (todas las versiones 5.0). Los paquetes de difusión PROFINET DCP especialmente creados enviados a los productos afectados en un segmento Ethernet local (Layer 2) podrían causar una condición de denegación de servicio de algunos servicios. Los servicios requieren el reinicio manual para recuperarse.", }, ], id: "CVE-2017-6865", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-05-11T10:29:00.227", references: [ { source: "productcert@siemens.com", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-275839.pdf", }, { source: "productcert@siemens.com", url: "https://www.securityfocus.com/bid/98366", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-275839.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.securityfocus.com/bid/98366", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-14 20:29
Modified
2024-11-21 04:20
Severity ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 and newer (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 and newer (All versions). An attacker with network access to affected installations, which are configured without "Encrypted Communication", can execute arbitrary code. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected installation. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | http://www.securityfocus.com/bid/108398 | Third Party Advisory, VDB Entry | |
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/108398 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "78F045C4-8DC2-4FA8-833D-B430EA26F2A0", versionEndIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "1CDFAB4E-8D98-4484-A1E8-381E6BFBF9AD", versionStartIncluding: "8.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", matchCriteriaId: "23B89914-E5BA-4670-B692-092AE9FFE148", versionEndIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", matchCriteriaId: "BBFF6F62-695B-4AD3-8CD9-0923CBF6A95D", versionStartIncluding: "7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 and newer (All versions), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 and newer (All versions). An attacker with network access to affected installations, which are configured without \"Encrypted Communication\", can execute arbitrary code. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected installation. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.", }, { lang: "es", value: "Ha sido identificada una vulnerabilidad en SIMATIC PCS 7 V8.0 y anteriores (Todas las versiones), SIMATIC PCS 7 V8.1 y más recientes (Todas las versiones), SIMATIC WinCC V7.2 y anteriores (Todas las versiones), SIMATIC WinCC V7.3 y más nuevos (todas las versiones). Un atacante con acceso de red a las instalaciones afectadas, que están configuradas sin la \"Comunicación cifrada\", puede ejecutar código arbitrario. La vulnerabilidad de la seguridad podría ser explotada por un atacante no autenticado con acceso de red a la instalación afectada. No se requiere la interacción del usuario para explotar esta vulnerabilidad de seguridad. La vulnerabilidad afecta la confidencialidad, la integridad y la disponibilidad del dispositivo. En el momento de la publicación de asesoramiento, no se conocía la explotación pública de esta vulnerabilidad de seguridad.", }, ], id: "CVE-2019-10922", lastModified: "2024-11-21T04:20:09.473", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-14T20:29:02.763", references: [ { source: "productcert@siemens.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108398", }, { source: "productcert@siemens.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/108398", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-306", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-02-09 16:15
Modified
2024-11-21 06:23
Severity ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). The password hash of a local user account in the remote server could be granted via public API to a user on the affected system. An authenticated attacker could brute force the password hash and use it to login to the server.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_pcs_7 | 9.0 | |
| siemens | simatic_pcs_7 | 9.1 | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 13 | |
| siemens | simatic_wincc | 13 | |
| siemens | simatic_wincc | 13 | |
| siemens | simatic_wincc | 14.0.1 | |
| siemens | simatic_wincc | 15 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 17 | |
| siemens | simatic_wincc | 17 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "8B62697B-2F75-44EA-A1F8-14BF9D1F99CC", versionEndIncluding: "8.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:9.0:-:*:*:*:*:*:*", matchCriteriaId: "A42E3FB0-6C66-4702-BDC8-39EEA54B5C0F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:9.1:-:*:*:*:*:*:*", matchCriteriaId: "0D25510C-F677-4A98-806C-FF644F11EEC6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", matchCriteriaId: "3F39B396-140B-4005-9A61-F984C9FAF742", versionEndExcluding: "7.4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:-:*:*:*:*:*:*", matchCriteriaId: "3B0BD5DE-C6EF-4B89-831B-DA34DB0D68F6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1:*:*:*:*:*:*", matchCriteriaId: "2637C346-8AAF-481F-AFB0-BAD4254D14F4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update1:*:*:*:*:*:*", matchCriteriaId: "BF8404AB-579E-4C6B-BCA7-E95F2CE24F7D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update10:*:*:*:*:*:*", matchCriteriaId: "88F6B3BF-727F-432E-89D8-37FB7C76FE2B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update11:*:*:*:*:*:*", matchCriteriaId: "62EB588C-CBB4-4B17-9BB5-B14B1FC6BB21", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update12:*:*:*:*:*:*", matchCriteriaId: "AF3F613C-6707-4517-B4B8-530C912B79E6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update13:*:*:*:*:*:*", matchCriteriaId: "590F62CE-9245-4AC9-9FBC-35136E217B0E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update14:*:*:*:*:*:*", matchCriteriaId: "3C5F5AD3-878D-42B0-B30E-8B0B6174486B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update15:*:*:*:*:*:*", matchCriteriaId: "57F59EE1-46FC-4B94-AB30-F1D3235C5A1D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update16:*:*:*:*:*:*", matchCriteriaId: "BA774F51-885C-4579-982E-431A8AB027B7", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update17:*:*:*:*:*:*", matchCriteriaId: "110DF98C-BE75-43B6-B63D-1D7D99AFFA73", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update18:*:*:*:*:*:*", matchCriteriaId: "11F812DE-BF33-4CB0-8E21-81682E3B88CA", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update2:*:*:*:*:*:*", matchCriteriaId: "241D5A28-FB22-4C5B-A067-733168E847BF", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update3:*:*:*:*:*:*", matchCriteriaId: "A5418F92-84A9-439C-B86C-ED5820697603", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update4:*:*:*:*:*:*", matchCriteriaId: "40631FBD-116B-4589-B77A-6C5A69990F73", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update5:*:*:*:*:*:*", matchCriteriaId: "64B14972-6163-4D44-A9C6-16328E02AC69", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update6:*:*:*:*:*:*", matchCriteriaId: "8929E926-740F-4F17-B52C-4C73914B1818", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update7:*:*:*:*:*:*", matchCriteriaId: "D4F72666-D10A-4EB2-80D3-18B04C101256", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update8:*:*:*:*:*:*", matchCriteriaId: "0E343221-1E1A-4EE7-80AE-AB24E2244BA0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update9:*:*:*:*:*:*", matchCriteriaId: "1BF716D7-0A77-400F-9B43-64FBE3E65735", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:-:*:*:*:*:*:*", matchCriteriaId: "E79DA14E-419C-49BA-8E4F-2907E1D8937F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1:*:*:*:*:*:*", matchCriteriaId: "81F9C13C-065C-4E40-BB46-687D791348A9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update1:*:*:*:*:*:*", matchCriteriaId: "5CF06E69-0A23-418D-B0EC-574DACBB4DD9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update2:*:*:*:*:*:*", matchCriteriaId: "9164EAC1-C416-4F1F-A910-CE84A167A6D1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2:*:*:*:*:*:*", matchCriteriaId: "3422B714-DB0F-4EE3-A7D4-9A0165214563", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update1:*:*:*:*:*:*", matchCriteriaId: "70B79B00-F61D-4F10-AD7B-74718F061D9E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update2:*:*:*:*:*:*", matchCriteriaId: "A8766442-CC8D-4221-89B8-F75D195F71E8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update3:*:*:*:*:*:*", matchCriteriaId: "26C08FB9-AFEB-4A53-AAB3-37C9717B30C5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update4:*:*:*:*:*:*", matchCriteriaId: "68896900-7FCC-4BFB-B787-8992B459F00D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update5:*:*:*:*:*:*", matchCriteriaId: "1059B529-02F0-4C85-A35E-2282546FA990", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:13:-:*:*:*:*:*:*", matchCriteriaId: "0D9FE447-2090-47D2-8667-5DC7605089BB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:13:sp1:*:*:*:*:*:*", matchCriteriaId: "BB4FFADC-51F0-439F-9F80-D2B2614FFC39", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:13:sp2:*:*:*:*:*:*", matchCriteriaId: "4C117FFB-A3FF-4E82-9CE9-B2DFFAF7D799", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:14.0.1:*:*:*:*:*:*:*", matchCriteriaId: "CE5A7162-F1B5-4E74-99D6-4108AC4C49FC", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15:*:*:*:*:*:*:*", matchCriteriaId: "A961C560-0288-4BC7-B3EB-11610765A34A", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:-:*:*:*:*:*:*", matchCriteriaId: "50B77C2A-4D66-4407-8CA4-99C43ED72DDB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_1:*:*:*:*:*:*", matchCriteriaId: "9794ED7E-EB17-4C95-B900-840A48758F03", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_2:*:*:*:*:*:*", matchCriteriaId: "57E82CFE-4191-4055-A0BA-EAB7BE96D947", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_3:*:*:*:*:*:*", matchCriteriaId: "C4DBBDAA-BCAE-4B63-BDFC-3DD70DAD9B7D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_4:*:*:*:*:*:*", matchCriteriaId: "B5AF87C6-F8D6-4462-9DF5-B9D301002B1C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_5:*:*:*:*:*:*", matchCriteriaId: "E4D610DA-D1EF-487E-94CB-FC6E6BE4BE4C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_6:*:*:*:*:*:*", matchCriteriaId: "6BB49DC6-B8AB-4320-B5CB-8EB803D41194", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:-:*:*:*:*:*:*", matchCriteriaId: "A4316924-9EF8-4835-A2E4-0C81F4DE473D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:update1:*:*:*:*:*:*", matchCriteriaId: "A1011EBE-A08D-4066-A2B8-45736AE6999B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:update2:*:*:*:*:*:*", matchCriteriaId: "37284D6C-ADB9-43A9-817D-7879FDF8BF7F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:update3:*:*:*:*:*:*", matchCriteriaId: "1DAD73CB-A027-4CEA-A439-A271717BBEDD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:update4:*:*:*:*:*:*", matchCriteriaId: "150B957C-545F-4BD8-8AB9-E64ACC59C865", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:17:-:*:*:*:*:*:*", matchCriteriaId: "C665E91E-DC56-41E0-99B4-ACFAA70B3103", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:17:update1:*:*:*:*:*:*", matchCriteriaId: "BB46C8BD-942A-45DC-AA8A-C0D9418CA302", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). The password hash of a local user account in the remote server could be granted via public API to a user on the affected system. An authenticated attacker could brute force the password hash and use it to login to the server.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC PCS 7 V8.2 (Todas las versiones), SIMATIC PCS 7 V9.0 (Todas las versiones), SIMATIC PCS 7 V9.1 (Todas las versiones anteriores a V9. 1 SP1), SIMATIC WinCC V15 y anteriores (Todas las versiones anteriores a V15 SP1 Update 7), SIMATIC WinCC V16 (Todas las versiones anteriores a V16 Update 5), SIMATIC WinCC V17 (Todas las versiones anteriores a V17 Update 2), SIMATIC WinCC V7.4 (Todas las versiones anteriores a V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (Todas las versiones anteriores a V7.5 SP2 Update 6). El hash de la contraseña de una cuenta de usuario local en el servidor remoto podría concederse a través de la API pública a un usuario del sistema afectado. Un atacante autenticado podría forzar el hash de la contraseña y utilizarlo para iniciar sesión en el servidor", }, ], id: "CVE-2021-40360", lastModified: "2024-11-21T06:23:57.097", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-02-09T16:15:13.813", references: [ { source: "productcert@siemens.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-522", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-02-09 16:15
Modified
2024-11-21 06:23
Severity ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V17 (All versions <= V17 Update 4), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). The affected component stores the credentials of a local system account in a potentially publicly accessible project file using an outdated cipher algorithm. An attacker may use this to brute force the credentials and take over the system.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_pcs_7 | 9.0 | |
| siemens | simatic_pcs_7 | 9.1 | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 13 | |
| siemens | simatic_wincc | 13 | |
| siemens | simatic_wincc | 13 | |
| siemens | simatic_wincc | 14.0.1 | |
| siemens | simatic_wincc | 15 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 17 | |
| siemens | simatic_wincc | 17 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "8B62697B-2F75-44EA-A1F8-14BF9D1F99CC", versionEndIncluding: "8.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:9.0:-:*:*:*:*:*:*", matchCriteriaId: "A42E3FB0-6C66-4702-BDC8-39EEA54B5C0F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:9.1:-:*:*:*:*:*:*", matchCriteriaId: "0D25510C-F677-4A98-806C-FF644F11EEC6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", matchCriteriaId: "3F39B396-140B-4005-9A61-F984C9FAF742", versionEndExcluding: "7.4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:-:*:*:*:*:*:*", matchCriteriaId: "3B0BD5DE-C6EF-4B89-831B-DA34DB0D68F6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1:*:*:*:*:*:*", matchCriteriaId: "2637C346-8AAF-481F-AFB0-BAD4254D14F4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update1:*:*:*:*:*:*", matchCriteriaId: "BF8404AB-579E-4C6B-BCA7-E95F2CE24F7D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update10:*:*:*:*:*:*", matchCriteriaId: "88F6B3BF-727F-432E-89D8-37FB7C76FE2B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update11:*:*:*:*:*:*", matchCriteriaId: "62EB588C-CBB4-4B17-9BB5-B14B1FC6BB21", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update12:*:*:*:*:*:*", matchCriteriaId: "AF3F613C-6707-4517-B4B8-530C912B79E6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update13:*:*:*:*:*:*", matchCriteriaId: "590F62CE-9245-4AC9-9FBC-35136E217B0E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update14:*:*:*:*:*:*", matchCriteriaId: "3C5F5AD3-878D-42B0-B30E-8B0B6174486B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update15:*:*:*:*:*:*", matchCriteriaId: "57F59EE1-46FC-4B94-AB30-F1D3235C5A1D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update16:*:*:*:*:*:*", matchCriteriaId: "BA774F51-885C-4579-982E-431A8AB027B7", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update17:*:*:*:*:*:*", matchCriteriaId: "110DF98C-BE75-43B6-B63D-1D7D99AFFA73", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update18:*:*:*:*:*:*", matchCriteriaId: "11F812DE-BF33-4CB0-8E21-81682E3B88CA", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update2:*:*:*:*:*:*", matchCriteriaId: "241D5A28-FB22-4C5B-A067-733168E847BF", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update3:*:*:*:*:*:*", matchCriteriaId: "A5418F92-84A9-439C-B86C-ED5820697603", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update4:*:*:*:*:*:*", matchCriteriaId: "40631FBD-116B-4589-B77A-6C5A69990F73", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update5:*:*:*:*:*:*", matchCriteriaId: "64B14972-6163-4D44-A9C6-16328E02AC69", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update6:*:*:*:*:*:*", matchCriteriaId: "8929E926-740F-4F17-B52C-4C73914B1818", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update7:*:*:*:*:*:*", matchCriteriaId: "D4F72666-D10A-4EB2-80D3-18B04C101256", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update8:*:*:*:*:*:*", matchCriteriaId: "0E343221-1E1A-4EE7-80AE-AB24E2244BA0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update9:*:*:*:*:*:*", matchCriteriaId: "1BF716D7-0A77-400F-9B43-64FBE3E65735", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:update_1:*:*:*:*:*:*", matchCriteriaId: "D0A0534C-8EDE-46FF-82A0-812CF069ABC9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:-:*:*:*:*:*:*", matchCriteriaId: "E79DA14E-419C-49BA-8E4F-2907E1D8937F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1:*:*:*:*:*:*", matchCriteriaId: "81F9C13C-065C-4E40-BB46-687D791348A9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update1:*:*:*:*:*:*", matchCriteriaId: "5CF06E69-0A23-418D-B0EC-574DACBB4DD9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update2:*:*:*:*:*:*", matchCriteriaId: "9164EAC1-C416-4F1F-A910-CE84A167A6D1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2:*:*:*:*:*:*", matchCriteriaId: "3422B714-DB0F-4EE3-A7D4-9A0165214563", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update1:*:*:*:*:*:*", matchCriteriaId: "70B79B00-F61D-4F10-AD7B-74718F061D9E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update2:*:*:*:*:*:*", matchCriteriaId: "A8766442-CC8D-4221-89B8-F75D195F71E8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update3:*:*:*:*:*:*", matchCriteriaId: "26C08FB9-AFEB-4A53-AAB3-37C9717B30C5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update4:*:*:*:*:*:*", matchCriteriaId: "68896900-7FCC-4BFB-B787-8992B459F00D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update5:*:*:*:*:*:*", matchCriteriaId: "1059B529-02F0-4C85-A35E-2282546FA990", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:13:-:*:*:*:*:*:*", matchCriteriaId: "0D9FE447-2090-47D2-8667-5DC7605089BB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:13:sp1:*:*:*:*:*:*", matchCriteriaId: "BB4FFADC-51F0-439F-9F80-D2B2614FFC39", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:13:sp2:*:*:*:*:*:*", matchCriteriaId: "4C117FFB-A3FF-4E82-9CE9-B2DFFAF7D799", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:14.0.1:*:*:*:*:*:*:*", matchCriteriaId: "CE5A7162-F1B5-4E74-99D6-4108AC4C49FC", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15:*:*:*:*:*:*:*", matchCriteriaId: "A961C560-0288-4BC7-B3EB-11610765A34A", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:-:*:*:*:*:*:*", matchCriteriaId: "50B77C2A-4D66-4407-8CA4-99C43ED72DDB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_1:*:*:*:*:*:*", matchCriteriaId: "9794ED7E-EB17-4C95-B900-840A48758F03", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_2:*:*:*:*:*:*", matchCriteriaId: "57E82CFE-4191-4055-A0BA-EAB7BE96D947", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_3:*:*:*:*:*:*", matchCriteriaId: "C4DBBDAA-BCAE-4B63-BDFC-3DD70DAD9B7D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_4:*:*:*:*:*:*", matchCriteriaId: "B5AF87C6-F8D6-4462-9DF5-B9D301002B1C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_5:*:*:*:*:*:*", matchCriteriaId: "E4D610DA-D1EF-487E-94CB-FC6E6BE4BE4C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_6:*:*:*:*:*:*", matchCriteriaId: "6BB49DC6-B8AB-4320-B5CB-8EB803D41194", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:-:*:*:*:*:*:*", matchCriteriaId: "A4316924-9EF8-4835-A2E4-0C81F4DE473D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:update1:*:*:*:*:*:*", matchCriteriaId: "A1011EBE-A08D-4066-A2B8-45736AE6999B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:update2:*:*:*:*:*:*", matchCriteriaId: "37284D6C-ADB9-43A9-817D-7879FDF8BF7F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:update3:*:*:*:*:*:*", matchCriteriaId: "1DAD73CB-A027-4CEA-A439-A271717BBEDD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:update4:*:*:*:*:*:*", matchCriteriaId: "150B957C-545F-4BD8-8AB9-E64ACC59C865", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:17:-:*:*:*:*:*:*", matchCriteriaId: "C665E91E-DC56-41E0-99B4-ACFAA70B3103", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:17:update1:*:*:*:*:*:*", matchCriteriaId: "BB46C8BD-942A-45DC-AA8A-C0D9418CA302", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V17 (All versions <= V17 Update 4), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 6). The affected component stores the credentials of a local system account in a potentially publicly accessible project file using an outdated cipher algorithm. An attacker may use this to brute force the credentials and take over the system.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC PCS 7 V8.2 (Todas las versiones), SIMATIC PCS 7 V9.0 (Todas las versiones), SIMATIC PCS 7 V9.1 (Todas las versiones anteriores a V9. 1 SP1), SIMATIC WinCC V15 y anteriores (Todas las versiones anteriores a V15 SP1 Update 7), SIMATIC WinCC V16 (Todas las versiones anteriores a V16 Update 5), SIMATIC WinCC V17 (Todas las versiones anteriores a V17 Update 2), SIMATIC WinCC V17 (Todas las versiones anteriores a= V17 Update 4), SIMATIC WinCC V7.4 (Todas las versiones anteriores a V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (Todas las versiones anteriores a V7.5 SP2 Update 6). El componente afectado almacena las credenciales de una cuenta del sistema local en un archivo de proyecto potencialmente accesible al público utilizando un algoritmo de cifrado obsoleto. Un atacante puede usar esto para forzar las credenciales y tomar el control del sistema", }, ], id: "CVE-2021-40363", lastModified: "2024-11-21T06:23:57.250", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-02-09T16:15:13.877", references: [ { source: "productcert@siemens.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-914168.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-538", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-312", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-13 09:15
Modified
2024-11-21 07:56
Severity ?
3.9 (Low) - CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC (All versions < V8.0), SINAUT Software ST7sc (All versions). Before SIMATIC WinCC V8, legacy OPC services (OPC DA (Data Access), OPC HDA (Historical Data Access), and OPC AE (Alarms & Events)) were used per default. These
services were designed on top of the Windows ActiveX and DCOM mechanisms and do not implement state-of-the-art security mechanisms for authentication and encryption of contents.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-508677.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-508677.pdf | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_net_pc_software | 14.0 | |
| siemens | simatic_net_pc_software | 15.0 | |
| siemens | simatic_pcs_7 | 8.2 | |
| siemens | simatic_pcs_7 | 9.0 | |
| siemens | simatic_pcs_7 | 9.1 | |
| siemens | simatic_wincc | * | |
| siemens | sinaut_st7sc | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_net_pc_software:14.0:*:*:*:*:*:*:*", matchCriteriaId: "34A1F08A-1269-44F0-8B10-70A41F9306B2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc_software:15.0:*:*:*:*:*:*:*", matchCriteriaId: "79A56438-47FC-4184-9401-0B859037D0F1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:8.2:-:*:*:*:*:*:*", matchCriteriaId: "3EEF9BE1-F6E2-4C05-8020-4D7540882464", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:9.0:-:*:*:*:*:*:*", matchCriteriaId: "A42E3FB0-6C66-4702-BDC8-39EEA54B5C0F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:9.1:-:*:*:*:*:*:*", matchCriteriaId: "0D25510C-F677-4A98-806C-FF644F11EEC6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", matchCriteriaId: "D7E53AD8-C669-4E1F-9519-4DED57668766", versionEndExcluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinaut_st7sc:*:*:*:*:*:*:*:*", matchCriteriaId: "B3C162C7-AC9A-44E3-BAE5-1C0D434F264B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC (All versions < V8.0), SINAUT Software ST7sc (All versions). Before SIMATIC WinCC V8, legacy OPC services (OPC DA (Data Access), OPC HDA (Historical Data Access), and OPC AE (Alarms & Events)) were used per default. These\r\nservices were designed on top of the Windows ActiveX and DCOM mechanisms and do not implement state-of-the-art security mechanisms for authentication and encryption of contents.", }, ], id: "CVE-2023-28829", lastModified: "2024-11-21T07:56:06.343", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 0.5, impactScore: 3.4, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-13T09:15:16.707", references: [ { source: "productcert@siemens.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-508677.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-508677.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-477", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-13 19:15
Modified
2024-11-21 04:20
Severity ?
Summary
A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.8.1), SIMATIC S7-1500 Software Controller (All versions < V20.8), SIMATIC S7-PLCSIM Advanced (All versions < V3.0), SIMATIC STEP 7 (TIA Portal) (All versions < V16), SIMATIC WinCC (TIA Portal) (All versions < V16), SIMATIC WinCC OA (All versions < V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions < V16), SIMATIC WinCC Runtime Professional (All versions < V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions < V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf | Vendor Advisory | |
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf | Vendor Advisory | |
| productcert@siemens.com | https://www.us-cert.gov/ics/advisories/icsa-19-344-04 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-19-344-04 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_et_200sp_open_controller_cpu_1515sp_pc_firmware | * | |
| siemens | simatic_et_200sp_open_controller_cpu_1515sp_pc | - | |
| siemens | simatic_et_200sp_open_controller_cpu_1515sp_pc2_firmware | * | |
| siemens | simatic_et_200sp_open_controller_cpu_1515sp_pc2 | - | |
| siemens | simatic_s7-1200_cpu_1211c_firmware | * | |
| siemens | simatic_s7-1200_cpu_1211c | - | |
| siemens | simatic_s7-1200_cpu_1212c_firmware | * | |
| siemens | simatic_s7-1200_cpu_1212c | - | |
| siemens | simatic_s7-1200_cpu_1214c_firmware | * | |
| siemens | simatic_s7-1200_cpu_1214c | - | |
| siemens | simatic_s7-1200_cpu_1215c_firmware | * | |
| siemens | simatic_s7-1200_cpu_1215c | - | |
| siemens | simatic_s7-1200_cpu_1217c_firmware | * | |
| siemens | simatic_s7-1200_cpu_1217c | - | |
| siemens | simatic_s7-1500_cpu_1518_firmware | * | |
| siemens | simatic_s7-1500_cpu_1518 | - | |
| siemens | simatic_s7-1500_cpu_1511c_firmware | * | |
| siemens | simatic_s7-1500_cpu_1511c | - | |
| siemens | simatic_s7-1500_cpu_1512c_firmware | * | |
| siemens | simatic_s7-1500_cpu_1512c | - | |
| siemens | simatic_net_pc | * | |
| siemens | simatic_s7-1500 | * | |
| siemens | simatic_s7-plcsim_advanced | * | |
| siemens | simatic_step_7 | * | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc_open_architecture | * | |
| siemens | simatic_wincc_open_architecture | 3.16 | |
| siemens | simatic_wincc_open_architecture | 3.16 | |
| siemens | simatic_wincc_runtime | * | |
| siemens | simatic_wincc_runtime | * | |
| siemens | simatic_cp_1626_firmware | * | |
| siemens | simatic_cp_1626 | - | |
| siemens | simatic_tim_1531_irc_firmware | * | |
| siemens | simatic_tim_1531_irc | - | |
| siemens | simatic_hmi_panel_firmware | * | |
| siemens | simatic_hmi_panel | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_et_200sp_open_controller_cpu_1515sp_pc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FFA8109D-F938-4FE3-9885-831D2D0FE058", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_et_200sp_open_controller_cpu_1515sp_pc:-:*:*:*:*:*:*:*", matchCriteriaId: "E8AED132-C4CF-4C2E-B826-DFAE745256FD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_et_200sp_open_controller_cpu_1515sp_pc2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C59DF55E-2F4F-4BF1-B02F-05916BC863D4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_et_200sp_open_controller_cpu_1515sp_pc2:-:*:*:*:*:*:*:*", matchCriteriaId: "30E3491F-8F4A-4C7D-960D-073AA41DB4D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1211c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "621AC3EC-6DA3-4AA6-9100-0407EC8370E6", versionEndIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1211c:-:*:*:*:*:*:*:*", matchCriteriaId: "3871C0C9-C65E-4E0B-9CA8-75E60066297F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1212c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9F22D58C-444F-4179-B84F-24D57F4971EB", versionEndIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1212c:-:*:*:*:*:*:*:*", matchCriteriaId: "07849777-92E7-41D2-9128-F8D20DE15391", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "985A67F3-9799-4D30-B049-619456280DA4", versionEndIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214c:-:*:*:*:*:*:*:*", matchCriteriaId: "FE17584A-BF7A-48B8-A9CB-477663766C63", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1215c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6A5E0374-939D-4C5E-B721-5AD8A3329387", versionEndIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215c:-:*:*:*:*:*:*:*", matchCriteriaId: "CC4698CF-F935-4707-BA91-7E3650C7956C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1217c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FF7EA085-2297-4BA0-96AB-2A2EBE0BEFAF", versionEndIncluding: "4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1217c:-:*:*:*:*:*:*:*", matchCriteriaId: "232279DE-CF1C-4A3C-886D-B4CE3F104F09", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DF4F6EA7-68BD-4A9D-8DDC-1D802EA7905B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518:-:*:*:*:*:*:*:*", matchCriteriaId: "BE0BA68C-EB57-49CE-94A8-E7905AB79824", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1511c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "33F882B8-EEDF-489E-9933-37EFC0AAC356", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511c:-:*:*:*:*:*:*:*", matchCriteriaId: "822894D4-96D5-4BDC-A698-D31262BCF422", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1512c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C9E8D52B-CDB3-4E26-A0C4-592CCBFBB827", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1512c:-:*:*:*:*:*:*:*", matchCriteriaId: "D2E24A4C-AC13-4382-BDF6-E13878FED4DC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_net_pc:*:*:*:*:*:*:*:*", matchCriteriaId: "744B5953-511F-42CA-80A0-DBE36A6AA144", versionEndExcluding: "16", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_s7-1500:*:*:*:*:*:*:*:*", matchCriteriaId: "FA1684C0-4B7C-44A0-9F16-5F8121654397", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:*:*:*:*:*:*:*:*", matchCriteriaId: "2C9A3749-B092-4F92-8140-55F10A03A5DB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*", matchCriteriaId: "E6D968D9-2A64-4E1C-824F-6508AEC6789D", versionEndExcluding: "16", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", matchCriteriaId: "F96AD4B7-105A-4D60-9026-E5C6389F3C73", versionEndExcluding: "16", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_open_architecture:*:*:*:*:*:*:*:*", matchCriteriaId: "4C3580BA-45F0-4A01-925F-D56B0BA058F7", versionEndIncluding: "3.15", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_open_architecture:3.16:-:*:*:*:*:*:*", matchCriteriaId: "84D652E6-23F7-4EB6-AE66-69662E191559", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_open_architecture:3.16:patch_12:*:*:*:*:*:*", matchCriteriaId: "1F0B76B7-FCB4-4831-BD00-AF29FD4606B2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:advanced:*:*:*", matchCriteriaId: "29B1F502-8A3A-4C07-90D2-CE5EB06CB573", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:professional:*:*:*", matchCriteriaId: "0384FFF2-F577-4FFC-8A84-5682771D1BC1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1626_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D2DA2E87-7B96-4B6B-90F9-C22B138B441B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1626:-:*:*:*:*:*:*:*", matchCriteriaId: "581EA284-EDD6-4EA5-96B2-67904D1D9DC7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_tim_1531_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "95DEFB00-96A2-460F-8B59-A288FD154FDC", versionEndExcluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_tim_1531_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "AEFDF765-44F4-45CB-8A28-FD7D355310DA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_hmi_panel_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EE91BB69-3E42-4110-B49B-D53DB894E140", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_hmi_panel:-:*:*:*:*:*:*:*", matchCriteriaId: "35CA808F-891D-4E10-A87A-68440D0BE0CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.8.1), SIMATIC S7-1500 Software Controller (All versions < V20.8), SIMATIC S7-PLCSIM Advanced (All versions < V3.0), SIMATIC STEP 7 (TIA Portal) (All versions < V16), SIMATIC WinCC (TIA Portal) (All versions < V16), SIMATIC WinCC OA (All versions < V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions < V16), SIMATIC WinCC Runtime Professional (All versions < V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions < V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC CP 1626 (Todas las versiones), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. variantes SIPLUS) (Todas las versiones), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. variantes SIPLUS) (Todas las versiones anteriores a V20. 8), SIMATIC HMI Panel (incl. variantes SIPLUS) (Todas las versiones), SIMATIC NET PC Software V14 (Todas las versiones anteriores a V14 SP1 Update 14), SIMATIC NET PC Software V15 (Todas las versiones), familia de CPUs SIMATIC S7-1200 (incl. variantes SIPLUS) (Todas las versiones anteriores a V4.4.0), familia de CPUs SIMATIC S7-1500 (incl. CPUs ET200 relacionadas y variantes SIPLUS) (Todas las versiones anteriores a V2.8.1), SIMATIC S7-1500 Software Controller (Todas las versiones anteriores a V20.8), SIMATIC S7-PLCSIM Advanced (Todas las versiones anteriores a V3.0), SIMATIC STEP 7 (TIA Portal) (Todas las versiones anteriores a V16), SIMATIC WinCC (TIA Portal) (Todas las versiones anteriores a V16), SIMATIC WinCC OA (Todas las versiones anteriores a V3. 16 P013), SIMATIC WinCC Runtime Advanced (Todas las versiones anteriores a V16), SIMATIC WinCC Runtime Professional (Todas las versiones anteriores a V16), TIM 1531 IRC (incl. variantes de SIPLUS NET) (Todas las versiones anteriores a V2.1). Los dispositivos afectados contienen una vulnerabilidad de elusión de la protección de mensajes debido a ciertas propiedades en el cálculo utilizado para la protección de la integridad. Esto podría permitir a un atacante en posición de Man-in-the-Middle modificar el tráfico de red enviado por el puerto 102/tcp a los dispositivos afectados", }, ], id: "CVE-2019-10929", lastModified: "2024-11-21T04:20:10.487", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-13T19:15:14.860", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf", }, { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf", }, { source: "productcert@siemens.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/icsa-19-344-04", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/icsa-19-344-04", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-327", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2024-02-13 09:15
Modified
2024-11-21 08:31
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain malformed RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | openpcs_7 | * | |
| siemens | simatic_batch | * | |
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_route_control | * | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 8.0 | |
| siemens | simatic_wincc_runtime_professional | * | |
| siemens | simatic_wincc_runtime_professional | 19 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:openpcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "F1350C78-30BE-4FA0-BE95-7A897C0D1927", versionEndIncluding: "9.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:*:*:*:*:*:*:*:*", matchCriteriaId: "FA5C1EC7-2F78-400D-9F85-FCEF71C4F1D5", versionEndIncluding: "9.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "FDA0756E-97B0-4896-BED4-44E86D6C76DE", versionEndIncluding: "9.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_route_control:*:*:*:*:*:*:*:*", matchCriteriaId: "F0AF2A6B-2A46-4147-AB1C-6E4DD71CD8C2", versionEndIncluding: "9.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:*:*:*:*:*:*:*", matchCriteriaId: "F64B795A-7E66-49AE-BE40-E8EEAC12D280", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:*:*:*:*:*:*:*", matchCriteriaId: "7D3A0BA7-EDC9-428D-A9C9-1CF602CEDFB5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:8.0:*:*:*:*:*:*:*", matchCriteriaId: "E57C7724-EEDA-4F6E-8634-65B10C3319A2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:*:*:*:*:*:*:*", matchCriteriaId: "872A881A-22F6-47E0-99ED-A83D9F77DB02", versionEndIncluding: "18", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:19:*:*:*:*:*:*:*", matchCriteriaId: "18D1C8AC-6A32-4ABB-A52D-58B774A5C9BE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call) communication protocol in the affected products do not properly handle certain malformed RPC messages. An attacker could use this vulnerability to cause a denial of service condition in the RPC server.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en: \nOpenPCS 7 V9.1 (todas las versiones), \nSIMATIC BATCH V9.1 (todas las versiones), \nSIMATIC PCS 7 V9.1 (todas las versiones), \nSIMATIC Route Control V9.1 (todas las versiones), \nSIMATIC WinCC Runtime Professional V18 (todas las versiones), \nSIMATIC WinCC Runtime Professional V19 (todas las versiones), \nSIMATIC WinCC V7.4 (todas las versiones), \nSIMATIC WinCC V7.5 (todas las versiones < V7.5 SP2 Update 15), \nSIMATIC WinCC V8.0 (Todas las versiones ", }, ], id: "CVE-2023-48364", lastModified: "2024-11-21T08:31:34.503", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "ADJACENT", availabilityRequirement: "NOT_DEFINED", baseScore: 7.1, baseSeverity: "HIGH", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "NONE", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "NONE", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "productcert@siemens.com", type: "Secondary", }, ], }, published: "2024-02-13T09:15:45.980", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-753746.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-753746.html", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "productcert@siemens.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2010-07-22 05:43
Modified
2025-04-11 00:51
Severity ?
Summary
Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://ics-cert.us-cert.gov/advisories/ICSA-12-205-01 | Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://infoworld.com/d/security-central/new-weaponized-virus-targets-industrial-secrets-725 | Press/Media Coverage | |
| cve@mitre.org | http://infoworld.com/d/security-central/siemens-warns-users-dont-change-passwords-after-worm-attack-915?sourcefssr | Press/Media Coverage | |
| cve@mitre.org | http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/ | Press/Media Coverage | |
| cve@mitre.org | http://secunia.com/advisories/40682 | Broken Link | |
| cve@mitre.org | http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&caller=viewhttp://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&c | Not Applicable | |
| cve@mitre.org | http://www.automation.siemens.com/forum/guests/PostShow.aspx?PostID=16127&16127&Language=en&PageIndex=1 | Broken Link | |
| cve@mitre.org | http://www.f-secure.com/weblog/archives/00001987.html | Third Party Advisory | |
| cve@mitre.org | http://www.sea.siemens.com/us/News/Industrial/Pages/WinCC_Update.aspx | Broken Link, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/41753 | Broken Link, Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2010/1893 | Broken Link | |
| cve@mitre.org | http://www.wilderssecurity.com/showpost.php?p=1712134&postcount=22 | Exploit, Issue Tracking | |
| cve@mitre.org | http://www.wired.com/threatlevel/2010/07/siemens-scada/ | Press/Media Coverage, Third Party Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/60587 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://ics-cert.us-cert.gov/advisories/ICSA-12-205-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://infoworld.com/d/security-central/new-weaponized-virus-targets-industrial-secrets-725 | Press/Media Coverage | |
| af854a3a-2127-422b-91ae-364da2661108 | http://infoworld.com/d/security-central/siemens-warns-users-dont-change-passwords-after-worm-attack-915?sourcefssr | Press/Media Coverage | |
| af854a3a-2127-422b-91ae-364da2661108 | http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/ | Press/Media Coverage | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/40682 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&caller=viewhttp://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&c | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.automation.siemens.com/forum/guests/PostShow.aspx?PostID=16127&16127&Language=en&PageIndex=1 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.f-secure.com/weblog/archives/00001987.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.sea.siemens.com/us/News/Industrial/Pages/WinCC_Update.aspx | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/41753 | Broken Link, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/1893 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.wilderssecurity.com/showpost.php?p=1712134&postcount=22 | Exploit, Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.wired.com/threatlevel/2010/07/siemens-scada/ | Press/Media Coverage, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/60587 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_wincc | 6.2 | |
| siemens | simatic_wincc | 7.0 | |
| siemens | simatic_pcs_7 | 6.0 | |
| siemens | simatic_pcs_7 | 6.1 | |
| siemens | simatic_pcs_7 | 7.0 | |
| siemens | simatic_pcs_7 | 7.0 | |
| siemens | simatic_pcs_7 | 7.1 | |
| siemens | simatic_pcs_7 | 7.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_wincc:6.2:*:*:*:*:*:*:*", matchCriteriaId: "9BD0EB37-CFA4-49AE-A952-1A4E2E2EE998", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3CF84FC5-9450-47B7-A4F0-99361C528C00", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:6.0:*:*:*:*:*:*:*", matchCriteriaId: "963E0E16-2A77-45C8-8708-46B4158C40D0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:6.1:*:*:*:*:*:*:*", matchCriteriaId: "2C026414-5F0C-48E7-A93D-12E2E33AB6CB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:7.0:-:*:*:*:*:*:*", matchCriteriaId: "BD419DE7-CB43-42E7-ACCC-82EA4913E8D2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:7.0:sp1:*:*:*:*:*:*", matchCriteriaId: "036B082A-1B48-4BA0-A915-4344C70E430D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:7.1:*:*:*:*:*:*:*", matchCriteriaId: "D7885AE5-023B-45BC-8E4A-CF796B5757C2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:7.1:sp1:*:*:*:*:*:*", matchCriteriaId: "BE258BF2-AD82-401C-B020-08A22A549A25", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568.", }, { lang: "es", value: "Siemens Simatic WinCC y sistemas PCS 7 SCADA utiliza una contraseña no modificable en el código, lo cual permite a usuarios locales acceder a una base de datos interna (back-end) y obtener privilegios, como se demuestra en julio de 2010 por el gusano Stuxnet, una vulnerabilidad diferente de CVE-2010-2568.", }, ], id: "CVE-2010-2772", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2010-07-22T05:43:58.250", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://ics-cert.us-cert.gov/advisories/ICSA-12-205-01", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", ], url: "http://infoworld.com/d/security-central/new-weaponized-virus-targets-industrial-secrets-725", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", ], url: "http://infoworld.com/d/security-central/siemens-warns-users-dont-change-passwords-after-worm-attack-915?sourcefssr", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", ], url: "http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/40682", }, { source: "cve@mitre.org", tags: [ "Not Applicable", ], url: "http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&caller=viewhttp://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&c", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.automation.siemens.com/forum/guests/PostShow.aspx?PostID=16127&16127&Language=en&PageIndex=1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.f-secure.com/weblog/archives/00001987.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://www.sea.siemens.com/us/News/Industrial/Pages/WinCC_Update.aspx", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/41753", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.vupen.com/english/advisories/2010/1893", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", ], url: "http://www.wilderssecurity.com/showpost.php?p=1712134&postcount=22", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "http://www.wired.com/threatlevel/2010/07/siemens-scada/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/60587", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "http://ics-cert.us-cert.gov/advisories/ICSA-12-205-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", ], url: "http://infoworld.com/d/security-central/new-weaponized-virus-targets-industrial-secrets-725", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", ], url: "http://infoworld.com/d/security-central/siemens-warns-users-dont-change-passwords-after-worm-attack-915?sourcefssr", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", ], url: "http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/40682", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&caller=viewhttp://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&c", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.automation.siemens.com/forum/guests/PostShow.aspx?PostID=16127&16127&Language=en&PageIndex=1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.f-secure.com/weblog/archives/00001987.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://www.sea.siemens.com/us/News/Industrial/Pages/WinCC_Update.aspx", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/41753", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.vupen.com/english/advisories/2010/1893", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", ], url: "http://www.wilderssecurity.com/showpost.php?p=1712134&postcount=22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", "Third Party Advisory", ], url: "http://www.wired.com/threatlevel/2010/07/siemens-scada/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/60587", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-798", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-12-17 03:59
Modified
2025-04-12 10:46
Severity ?
Summary
A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | http://www.securityfocus.com/bid/94825 | ||
| productcert@siemens.com | http://www.securitytracker.com/id/1037435 | ||
| productcert@siemens.com | http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-693129.pdf | ||
| productcert@siemens.com | https://ics-cert.us-cert.gov/advisories/ICSA-16-348-04 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94825 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037435 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-693129.pdf | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-16-348-04 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_wincc | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "78F045C4-8DC2-4FA8-833D-B430EA26F2A0", versionEndIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", matchCriteriaId: "71370ADD-85DC-407A-99F3-8F5386EBFBCE", versionEndIncluding: "7.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions.", }, { lang: "es", value: "Una vulnerabilidad en SIEMENS SIMATIC WinCC (Todas las versions < SIMATIC WinCC V7.2) y SIEMENS SIMATIC PCS 7 (Todas las versiones < SIMATIC PCS 7 V8.0 SP1) podría permitir a un atacante remoto bloquear un componente ActiveX o filtrar partes de la memoria de aplicación si un usuario es engañado para hacer clic en un enlace malicioso bajo ciertas condiciones.", }, ], id: "CVE-2016-9160", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-12-17T03:59:00.263", references: [ { source: "productcert@siemens.com", url: "http://www.securityfocus.com/bid/94825", }, { source: "productcert@siemens.com", url: "http://www.securitytracker.com/id/1037435", }, { source: "productcert@siemens.com", url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-693129.pdf", }, { source: "productcert@siemens.com", url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-04", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/94825", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1037435", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-693129.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-04", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-111", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-254", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-11-26 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to execute arbitrary code via crafted packets.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs_7 | 7.1 | |
| siemens | simatic_pcs7 | 7.1 | |
| siemens | simatic_pcs7 | 7.1 | |
| siemens | simatic_pcs7 | 8.0 | |
| siemens | simatic_pcs7 | 8.0 | |
| siemens | simatic_pcs7 | 8.1 | |
| siemens | simatic_tiaportal | 13.0 | |
| siemens | simatic_tiaportal | 13.0 | |
| siemens | simatic_tiaportal | 13.0 | |
| siemens | simatic_wincc | 7.0 | |
| siemens | simatic_wincc | 7.0 | |
| siemens | simatic_wincc | 7.0 | |
| siemens | simatic_wincc | 7.0 | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:7.1:sp1:*:*:*:*:*:*", matchCriteriaId: "BE258BF2-AD82-401C-B020-08A22A549A25", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs7:7.1:sp3:*:*:*:*:*:*", matchCriteriaId: "33FA164B-E269-4140-AC85-2623356AF636", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs7:7.1:sp4:*:*:*:*:*:*", matchCriteriaId: "D62C7959-87D9-42EC-A224-2EE6EF23C1CF", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs7:8.0:sp1:*:*:*:*:*:*", matchCriteriaId: "428F68D2-8C1D-4ADE-A6FB-65EC4C426F99", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs7:8.0:sp2:*:*:*:*:*:*", matchCriteriaId: "14193511-1B9B-4319-92AE-BB26F398550C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs7:8.1:*:*:*:*:*:*:*", matchCriteriaId: "172A6A81-C32E-4ACC-AB8C-2014BF3A6901", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_tiaportal:13.0:*:*:*:*:*:*:*", matchCriteriaId: "19C3A00B-A47E-4723-B652-B64FDC5F2601", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_tiaportal:13.0:3:*:*:*:*:*:*", matchCriteriaId: "144DE778-4439-489F-830D-B4742BB11FEB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_tiaportal:13.0:5:*:*:*:*:*:*", matchCriteriaId: "39B75B5E-7979-4E3B-BE94-AE04F17A6F3C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3CF84FC5-9450-47B7-A4F0-99361C528C00", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.0:sp1:*:*:*:*:*:*", matchCriteriaId: "E8274939-833E-40E1-8D2E-1B28CEA91036", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.0:sp2:*:*:*:*:*:*", matchCriteriaId: "61F46206-F232-4F62-AF4F-E2DCF462AE60", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.0:sp3:*:*:*:*:*:*", matchCriteriaId: "0D0BB2E6-1444-499A-943E-8D19C402F1BD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.2:1:*:*:*:*:*:*", matchCriteriaId: "2D6E154F-F8A0-4E9D-BC37-E95B1820D2BF", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.2:2:*:*:*:*:*:*", matchCriteriaId: "D6745F96-FA72-457B-AD14-07C4B353310F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.2:3:*:*:*:*:*:*", matchCriteriaId: "E555D458-59C4-4CBC-95F4-CBA503BCCB24", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.2:4:*:*:*:*:*:*", matchCriteriaId: "3BEE67FC-D188-4B0C-A837-FC91B406982E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.2:5:*:*:*:*:*:*", matchCriteriaId: "75121F46-303D-4416-8FBD-1938BDD60AAB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.2:6:*:*:*:*:*:*", matchCriteriaId: "FF8B251F-399E-4165-B3A6-801775212C5D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.2:7:*:*:*:*:*:*", matchCriteriaId: "FBE45DD1-630F-448F-90FE-D3CC00266EF1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.2:8:*:*:*:*:*:*", matchCriteriaId: "CFC7DC1F-B4C5-4116-9B53-706F2B3227DD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.3:1:*:*:*:*:*:*", matchCriteriaId: "B8F27E75-90CD-4C3B-AF0E-90EF338A2D91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 allows remote attackers to execute arbitrary code via crafted packets.", }, { lang: "es", value: "El servidor WinCC en Siemens SIMATIC WinCC 7.0 hasta SP3, 7.2 anterior a la actualización 9, y 7.3 anterior a la actualización 2; SIMATIC PCS 7 7.1 hasta SP4, 8.0 hasta SP2, y 8.1; y TIA Portal 13 anterior a la actualización 6 permite a atacantes remotos ejecutar código arbitrario a través de paquetes manipulados.", }, ], id: "CVE-2014-8551", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-11-26T11:59:00.093", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-134508.pdf", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-94", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-07-22 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
Siemens SIMATIC WinCC 7.0 through SP3 and 7.2 allows remote attackers to read arbitrary WinCC station files via crafted packets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/92116 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id/1036441 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf | Mitigation, Vendor Advisory | |
| cve@mitre.org | https://ics-cert.us-cert.gov/advisories/ICSA-16-208-01 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/92116 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036441 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-16-208-01 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_wincc | 7.0 | |
| siemens | simatic_wincc | 7.0 | |
| siemens | simatic_wincc | 7.0 | |
| siemens | simatic_wincc | 7.0 | |
| siemens | simatic_wincc | 7.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.0:*:*:*:*:*:*:*", matchCriteriaId: "3CF84FC5-9450-47B7-A4F0-99361C528C00", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.0:sp1:*:*:*:*:*:*", matchCriteriaId: "E8274939-833E-40E1-8D2E-1B28CEA91036", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.0:sp2:*:*:*:*:*:*", matchCriteriaId: "61F46206-F232-4F62-AF4F-E2DCF462AE60", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.0:sp3:*:*:*:*:*:*", matchCriteriaId: "0D0BB2E6-1444-499A-943E-8D19C402F1BD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.2:*:*:*:*:*:*:*", matchCriteriaId: "4C4BFBED-E818-453C-B787-22D67B4A5A29", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Siemens SIMATIC WinCC 7.0 through SP3 and 7.2 allows remote attackers to read arbitrary WinCC station files via crafted packets.", }, { lang: "es", value: "Siemens SIMATIC WinCC 7.0 hasta la versión SP3 y 7.2 permite a atacantes remotos leer archivos de la estación WinCC arbitrarios a través de paquetes manipulados.", }, ], id: "CVE-2016-5744", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-07-22T15:59:01.397", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92116", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036441", }, { source: "cve@mitre.org", tags: [ "Mitigation", "Vendor Advisory", ], url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf", }, { source: "cve@mitre.org", url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-208-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/92116", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1036441", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-378531.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-208-01", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-27 07:15
Modified
2024-11-21 06:23
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf | Patch, Third Party Advisory | |
| cve@mitre.org | https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf | Patch, Vendor Advisory | |
| cve@mitre.org | https://opcfoundation.org/security-bulletins/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://opcfoundation.org/security-bulletins/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| opcfoundation | local_discover_server | * | |
| siemens | simatic_process_historian_opc_ua_server_firmware | * | |
| siemens | simatic_process_historian_opc_ua_server_firmware | 2022 | |
| siemens | simatic_process_historian_opc_ua_server | - | |
| siemens | simatic_net_pc | 14 | |
| siemens | simatic_net_pc | 15 | |
| siemens | simatic_net_pc | 16 | |
| siemens | simatic_net_pc | 17 | |
| siemens | simatic_wincc | - | |
| siemens | simatic_wincc_runtime | - | |
| siemens | simatic_wincc_unified_scada_runtime | - | |
| siemens | telecontrol_server_basic | 3.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:opcfoundation:local_discover_server:*:*:*:*:*:*:*:*", matchCriteriaId: "2BD47A17-5E0C-4BCA-989C-C5CDEAC20A06", versionEndExcluding: "1.04.402.463", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_process_historian_opc_ua_server_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "A3BD1C40-AB88-4CB8-820E-C32C4AEBD455", versionEndExcluding: "2022", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_process_historian_opc_ua_server_firmware:2022:-:*:*:*:*:*:*", matchCriteriaId: "D113B41E-4268-407B-A729-EBC9385D8943", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_process_historian_opc_ua_server:-:*:*:*:*:*:*:*", matchCriteriaId: "14EC9343-7778-40B0-A74D-5C156FF2A229", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_net_pc:14:-:*:*:*:*:*:*", matchCriteriaId: "298E8F34-346B-4FC5-8690-3F947F585552", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc:15:-:*:*:*:*:*:*", matchCriteriaId: "7DF90C44-4AC2-4B2B-8712-30CD3DE96B22", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc:16:-:*:*:*:*:*:*", matchCriteriaId: "496E3C43-5DA8-4983-8AC6-0F32454E22F3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc:17:-:*:*:*:*:*:*", matchCriteriaId: "AFBD6DDF-917C-44CC-A944-1945DC7AC9FB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:-:*:*:*:*:*:*:*", matchCriteriaId: "0F7BB505-A6B6-4200-9602-E4D348E407AB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime:-:*:*:*:professional:*:*:*", matchCriteriaId: "E6BFBAED-EE2B-4DE4-A76C-824DD15F4608", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_unified_scada_runtime:-:*:*:*:*:*:*:*", matchCriteriaId: "772ECFF2-BB17-4B72-A570-18631521E147", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:telecontrol_server_basic:3.0:*:*:*:*:*:*:*", matchCriteriaId: "975FC6E7-8FDB-4361-A691-44B26B0CBFD4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer.", }, { lang: "es", value: "En OPC Foundation Local Discovery Server (LDS) versiones anteriores a 1.04.402.463, unos atacantes remotos pueden causar una denegación de servicio (DoS) mediante el envío de mensajes cuidadosamente diseñados que conllevan a el Acceso a una Ubicación de Memoria Después del Final de un Búfer.", }, ], id: "CVE-2021-40142", lastModified: "2024-11-21T06:23:38.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "cve@mitre.org", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-27T07:15:08.630", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://opcfoundation.org/security-bulletins/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://opcfoundation.org/security-bulletins/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-11-09 12:15
Modified
2024-11-21 06:23
Severity ?
7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability has been identified in OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd4), OpenPCS 7 V9.1 (All versions), SIMATIC BATCH V8.2 (All versions), SIMATIC BATCH V9.0 (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Update 6), SIMATIC NET PC Software V17 (All versions < V17 SP1), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions), SIMATIC Route Control V9.1 (All versions), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). When downloading files, the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read unexpected critical files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_batch | 8.2 | |
| siemens | simatic_batch | 8.2 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.1 | |
| siemens | simatic_net_pc | 14 | |
| siemens | simatic_net_pc | 15 | |
| siemens | simatic_net_pc | 16 | |
| siemens | simatic_net_pc | 16 | |
| siemens | simatic_net_pc | 17 | |
| siemens | simatic_route_control | 8.2 | |
| siemens | simatic_route_control | 9.0 | |
| siemens | simatic_route_control | 9.1 | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 15 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 17 | |
| siemens | simatic_wincc | 17 | |
| siemens | simaticpcs_7 | * | |
| siemens | simaticpcs_7 | * | |
| siemens | simaticpcs_7 | 9.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_batch:8.2:-:*:*:*:*:*:*", matchCriteriaId: "4CAFD7F2-BB23-4E3A-A30E-78290D5EAB47", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:8.2:upd_9:*:*:*:*:*:*", matchCriteriaId: "F043FAC3-661C-4226-AA70-7EF836DDBA55", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:9.0:-:*:*:*:*:*:*", matchCriteriaId: "E54F6E83-C353-44FB-9F37-C03DA344A5DC", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:9.0:sp1:*:*:*:*:*:*", matchCriteriaId: "3E19D98B-B40A-4589-8C26-7722C25EEC63", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_1:*:*:*:*:*:*", matchCriteriaId: "85CDD274-B2B4-4DB0-9917-C16B5D900006", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_2:*:*:*:*:*:*", matchCriteriaId: "0B435D51-FFA2-4F19-9B51-404BB37D7F0D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_3:*:*:*:*:*:*", matchCriteriaId: "AFBBC7D6-D1D4-452E-A744-B490CF002354", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_4:*:*:*:*:*:*", matchCriteriaId: "98BC62E3-4C0B-481A-9274-B9C785F8FDC5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:9.1:-:*:*:*:*:*:*", matchCriteriaId: "4598FFB9-68FC-4825-83AB-4B1D45C3B3E4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc:14:-:*:*:*:*:*:*", matchCriteriaId: "298E8F34-346B-4FC5-8690-3F947F585552", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc:15:-:*:*:*:*:*:*", matchCriteriaId: "7DF90C44-4AC2-4B2B-8712-30CD3DE96B22", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc:16:-:*:*:*:*:*:*", matchCriteriaId: "496E3C43-5DA8-4983-8AC6-0F32454E22F3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc:16:update1:*:*:*:*:*:*", matchCriteriaId: "17BCC3CD-61D0-416D-A241-D35AF8EE5BF8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc:17:-:*:*:*:*:*:*", matchCriteriaId: "AFBD6DDF-917C-44CC-A944-1945DC7AC9FB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_route_control:8.2:*:*:*:*:*:*:*", matchCriteriaId: "7F8A4F12-33E8-47CD-9790-60D0D39E6965", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_route_control:9.0:-:*:*:*:*:*:*", matchCriteriaId: "57073CE8-174E-429D-A721-AB14C7D16D4F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_route_control:9.1:-:*:*:*:*:*:*", matchCriteriaId: "588E365B-D148-4253-A316-63FD11821F85", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2E9785-246F-496B-9139-02E2F4003352", versionEndIncluding: "7.4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:*:*:*:*:*:*:*", matchCriteriaId: "7D3A0BA7-EDC9-428D-A9C9-1CF602CEDFB5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:-:*:*:*:*:*:*", matchCriteriaId: "E79DA14E-419C-49BA-8E4F-2907E1D8937F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1:*:*:*:*:*:*", matchCriteriaId: "81F9C13C-065C-4E40-BB46-687D791348A9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update1:*:*:*:*:*:*", matchCriteriaId: "5CF06E69-0A23-418D-B0EC-574DACBB4DD9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update2:*:*:*:*:*:*", matchCriteriaId: "9164EAC1-C416-4F1F-A910-CE84A167A6D1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2:*:*:*:*:*:*", matchCriteriaId: "3422B714-DB0F-4EE3-A7D4-9A0165214563", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update1:*:*:*:*:*:*", matchCriteriaId: "70B79B00-F61D-4F10-AD7B-74718F061D9E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update2:*:*:*:*:*:*", matchCriteriaId: "A8766442-CC8D-4221-89B8-F75D195F71E8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update3:*:*:*:*:*:*", matchCriteriaId: "26C08FB9-AFEB-4A53-AAB3-37C9717B30C5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update4:*:*:*:*:*:*", matchCriteriaId: "68896900-7FCC-4BFB-B787-8992B459F00D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15:-:*:*:*:*:*:*", matchCriteriaId: "1ECA9805-26BE-4A3E-B418-A35DC1211AEF", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:-:*:*:*:*:*:*", matchCriteriaId: "A4316924-9EF8-4835-A2E4-0C81F4DE473D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:update1:*:*:*:*:*:*", matchCriteriaId: "A1011EBE-A08D-4066-A2B8-45736AE6999B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:update2:*:*:*:*:*:*", matchCriteriaId: "37284D6C-ADB9-43A9-817D-7879FDF8BF7F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:update3:*:*:*:*:*:*", matchCriteriaId: "1DAD73CB-A027-4CEA-A439-A271717BBEDD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:update4:*:*:*:*:*:*", matchCriteriaId: "150B957C-545F-4BD8-8AB9-E64ACC59C865", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:17:-:*:*:*:*:*:*", matchCriteriaId: "C665E91E-DC56-41E0-99B4-ACFAA70B3103", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:17:update1:*:*:*:*:*:*", matchCriteriaId: "BB46C8BD-942A-45DC-AA8A-C0D9418CA302", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simaticpcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "382FA06B-0465-4CA0-B0D7-B7BB748B2574", versionEndIncluding: "8.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simaticpcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "99CCAC08-D8F5-416D-82EC-7F8E1BC69C57", versionEndExcluding: "9.1", versionStartIncluding: "9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simaticpcs_7:9.1:-:*:*:*:*:*:*", matchCriteriaId: "DFC56795-0196-49AD-A840-3EBAB83D4587", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd4), OpenPCS 7 V9.1 (All versions), SIMATIC BATCH V8.2 (All versions), SIMATIC BATCH V9.0 (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Update 6), SIMATIC NET PC Software V17 (All versions < V17 SP1), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions), SIMATIC Route Control V9.1 (All versions), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). When downloading files, the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read unexpected critical files.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en OpenPCS 7 V8.2 (Todas las versiones), OpenPCS 7 V9.0 (Todas las versiones anteriores a la versión a la versión V9.0 Upd4), OpenPCS 7 V9.1 (Todas las versiones), SIMATIC BATCH V8.2 (Todas las versiones), SIMATIC BATCH V9.0 (Todas las versiones), SIMATIC BATCH V9. 1 (Todas las versiones), SIMATIC NET PC Software V14 (Todas las versiones), SIMATIC NET PC Software V15 (Todas las versiones), SIMATIC NET PC Software V16 (Todas las versiones anteriores a la versión a la versión V16 Update 6), SIMATIC NET PC Software V17 (Todas las versiones anteriores a la versión a la versión V17 SP1), SIMATIC PCS 7 V8.2 (Todas las versiones), SIMATIC PCS 7 V9. 0 (Todas las versiones anteriores a la versión a la versión V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (Todas las versiones anteriores a la versión a la versión V9.1 SP1), SIMATIC Route Control V8.2 (Todas las versiones), SIMATIC Route Control V9.0 (Todas las versiones), SIMATIC Route Control V9. 1 (Todas las versiones), SIMATIC WinCC V15 y anteriores (Todas las versiones anteriores a la versión a la versión V15 SP1 Update 7), SIMATIC WinCC V16 (Todas las versiones anteriores a la versión a la versión V16 Update 5), SIMATIC WinCC V17 (Todas las versiones anteriores a la versión a la versión V17 Update 2), SIMATIC WinCC V7.4 (Todas las versiones anteriores a la versión V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (Todas las versiones anteriores a la versión V7.5 SP2 Update 5). Al descargar archivos, los sistemas afectados no neutralizan correctamente los elementos especiales dentro del nombre de la ruta. Un atacante podría entonces hacer que el nombre de ruta se resuelva en una ubicación fuera del directorio restringido en el servidor y leer archivos críticos inesperados", }, ], id: "CVE-2021-40359", lastModified: "2024-11-21T06:23:56.917", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 4, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Secondary", }, ], }, published: "2021-11-09T12:15:09.987", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2021-11-09 12:15
Modified
2024-11-21 06:23
Severity ?
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). Legitimate file operations on the web server of the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read, write or delete unexpected critical files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs_7 | 8.2 | |
| siemens | simatic_pcs_7 | 9.0 | |
| siemens | simatic_pcs_7 | 9.1 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 15 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 17 | |
| siemens | simatic_wincc | 17 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:8.2:*:*:*:*:*:*:*", matchCriteriaId: "F4A75F15-8F47-4348-A85C-D94BBA8F9992", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:9.0:-:*:*:*:*:*:*", matchCriteriaId: "A42E3FB0-6C66-4702-BDC8-39EEA54B5C0F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:9.1:-:*:*:*:*:*:*", matchCriteriaId: "0D25510C-F677-4A98-806C-FF644F11EEC6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:*:*:*:*:*:*:*", matchCriteriaId: "F64B795A-7E66-49AE-BE40-E8EEAC12D280", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:-:*:*:*:*:*:*", matchCriteriaId: "3B0BD5DE-C6EF-4B89-831B-DA34DB0D68F6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1:*:*:*:*:*:*", matchCriteriaId: "2637C346-8AAF-481F-AFB0-BAD4254D14F4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update1:*:*:*:*:*:*", matchCriteriaId: "BF8404AB-579E-4C6B-BCA7-E95F2CE24F7D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update10:*:*:*:*:*:*", matchCriteriaId: "88F6B3BF-727F-432E-89D8-37FB7C76FE2B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update11:*:*:*:*:*:*", matchCriteriaId: "62EB588C-CBB4-4B17-9BB5-B14B1FC6BB21", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update12:*:*:*:*:*:*", matchCriteriaId: "AF3F613C-6707-4517-B4B8-530C912B79E6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update13:*:*:*:*:*:*", matchCriteriaId: "590F62CE-9245-4AC9-9FBC-35136E217B0E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update14:*:*:*:*:*:*", matchCriteriaId: "3C5F5AD3-878D-42B0-B30E-8B0B6174486B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update15:*:*:*:*:*:*", matchCriteriaId: "57F59EE1-46FC-4B94-AB30-F1D3235C5A1D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update16:*:*:*:*:*:*", matchCriteriaId: "BA774F51-885C-4579-982E-431A8AB027B7", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update17:*:*:*:*:*:*", matchCriteriaId: "110DF98C-BE75-43B6-B63D-1D7D99AFFA73", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update18:*:*:*:*:*:*", matchCriteriaId: "11F812DE-BF33-4CB0-8E21-81682E3B88CA", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update2:*:*:*:*:*:*", matchCriteriaId: "241D5A28-FB22-4C5B-A067-733168E847BF", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update3:*:*:*:*:*:*", matchCriteriaId: "A5418F92-84A9-439C-B86C-ED5820697603", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update4:*:*:*:*:*:*", matchCriteriaId: "40631FBD-116B-4589-B77A-6C5A69990F73", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update5:*:*:*:*:*:*", matchCriteriaId: "64B14972-6163-4D44-A9C6-16328E02AC69", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update6:*:*:*:*:*:*", matchCriteriaId: "8929E926-740F-4F17-B52C-4C73914B1818", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update7:*:*:*:*:*:*", matchCriteriaId: "D4F72666-D10A-4EB2-80D3-18B04C101256", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update8:*:*:*:*:*:*", matchCriteriaId: "0E343221-1E1A-4EE7-80AE-AB24E2244BA0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update9:*:*:*:*:*:*", matchCriteriaId: "1BF716D7-0A77-400F-9B43-64FBE3E65735", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:update_1:*:*:*:*:*:*", matchCriteriaId: "D0A0534C-8EDE-46FF-82A0-812CF069ABC9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:-:*:*:*:*:*:*", matchCriteriaId: "E79DA14E-419C-49BA-8E4F-2907E1D8937F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1:*:*:*:*:*:*", matchCriteriaId: "81F9C13C-065C-4E40-BB46-687D791348A9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update1:*:*:*:*:*:*", matchCriteriaId: "5CF06E69-0A23-418D-B0EC-574DACBB4DD9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update2:*:*:*:*:*:*", matchCriteriaId: "9164EAC1-C416-4F1F-A910-CE84A167A6D1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2:*:*:*:*:*:*", matchCriteriaId: "3422B714-DB0F-4EE3-A7D4-9A0165214563", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update1:*:*:*:*:*:*", matchCriteriaId: "70B79B00-F61D-4F10-AD7B-74718F061D9E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update2:*:*:*:*:*:*", matchCriteriaId: "A8766442-CC8D-4221-89B8-F75D195F71E8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update3:*:*:*:*:*:*", matchCriteriaId: "26C08FB9-AFEB-4A53-AAB3-37C9717B30C5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update4:*:*:*:*:*:*", matchCriteriaId: "68896900-7FCC-4BFB-B787-8992B459F00D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15:*:*:*:*:*:*:*", matchCriteriaId: "A961C560-0288-4BC7-B3EB-11610765A34A", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:-:*:*:*:*:*:*", matchCriteriaId: "50B77C2A-4D66-4407-8CA4-99C43ED72DDB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_1:*:*:*:*:*:*", matchCriteriaId: "9794ED7E-EB17-4C95-B900-840A48758F03", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_2:*:*:*:*:*:*", matchCriteriaId: "57E82CFE-4191-4055-A0BA-EAB7BE96D947", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_3:*:*:*:*:*:*", matchCriteriaId: "C4DBBDAA-BCAE-4B63-BDFC-3DD70DAD9B7D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_4:*:*:*:*:*:*", matchCriteriaId: "B5AF87C6-F8D6-4462-9DF5-B9D301002B1C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_5:*:*:*:*:*:*", matchCriteriaId: "E4D610DA-D1EF-487E-94CB-FC6E6BE4BE4C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15.1:update_6:*:*:*:*:*:*", matchCriteriaId: "6BB49DC6-B8AB-4320-B5CB-8EB803D41194", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:update1:*:*:*:*:*:*", matchCriteriaId: "A1011EBE-A08D-4066-A2B8-45736AE6999B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:update2:*:*:*:*:*:*", matchCriteriaId: "37284D6C-ADB9-43A9-817D-7879FDF8BF7F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:update3:*:*:*:*:*:*", matchCriteriaId: "1DAD73CB-A027-4CEA-A439-A271717BBEDD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:update4:*:*:*:*:*:*", matchCriteriaId: "150B957C-545F-4BD8-8AB9-E64ACC59C865", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:17:*:*:*:*:*:*:*", matchCriteriaId: "8E848185-A7C7-4FD3-94DC-8D4092395752", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:17:update1:*:*:*:*:*:*", matchCriteriaId: "BB46C8BD-942A-45DC-AA8A-C0D9418CA302", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). Legitimate file operations on the web server of the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read, write or delete unexpected critical files.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC PCS 7 V8.2 (Todas las versiones), SIMATIC PCS 7 V9.0 (Todas las versiones anteriores a V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (Todas las versiones anteriores a V9. 1 SP1), SIMATIC WinCC V15 y anteriores (Todas las versiones anteriores a V15 SP1 Update 7), SIMATIC WinCC V16 (Todas las versiones anteriores a V16 Update 5), SIMATIC WinCC V17 (Todas las versiones anteriores a V17 Update 2), SIMATIC WinCC V7.4 (Todas las versiones anteriores a V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (Todas las versiones anteriores a V7.5 SP2 Update 5). Las operaciones de archivo legítimas en el servidor web de los sistemas afectados no neutralizan correctamente los elementos especiales dentro de la ruta de acceso. Un atacante podría entonces hacer que el nombre de ruta se resuelva en una ubicación fuera del directorio restringido en el servidor y leer, escribir o eliminar archivos críticos inesperados", }, ], id: "CVE-2021-40358", lastModified: "2024-11-21T06:23:56.737", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 6, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Secondary", }, ], }, published: "2021-11-09T12:15:09.930", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2016-11-15 19:30
Modified
2025-04-12 10:46
Severity ?
Summary
A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path ("C:\Program Files\*" or the localized equivalent).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html | Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/94158 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf | ||
| cve@mitre.org | https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94158 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | primary_setup_tool | - | |
| siemens | security_configuration_tool | - | |
| siemens | simatic_it_production_suite | - | |
| siemens | simatic_net_pc_software | * | |
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_pcs7 | 8.0 | |
| siemens | simatic_pcs7 | 8.1 | |
| siemens | simatic_pcs7 | 8.2 | |
| siemens | simatic_step_7 | * | |
| siemens | simatic_step_7_\(tia_portal\) | * | |
| siemens | simatic_winac_rtx_2010 | - | |
| siemens | simatic_winac_rtx_f_2010 | - | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc | 7.0 | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.3 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc_\(tia_portal\) | * | |
| siemens | simatic_wincc_\(tia_portal\) | * | |
| siemens | simatic_wincc_\(tia_portal\) | * | |
| siemens | simatic_wincc_\(tia_portal\) | - | |
| siemens | simatic_wincc_runtime | - | |
| siemens | simit | 9.0 | |
| siemens | sinema_remote_connect | - | |
| siemens | sinema_server | * | |
| siemens | softnet_security_client | * | |
| siemens | telecontrol_basic | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:primary_setup_tool:-:*:*:*:*:*:*:*", matchCriteriaId: "8046A64D-4C80-4199-B1A7-F77D02428ACD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:security_configuration_tool:-:*:*:*:*:*:*:*", matchCriteriaId: "C33765E4-619E-4566-BF96-4A7C8776A0CB", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_it_production_suite:-:*:*:*:*:*:*:*", matchCriteriaId: "DBCAF7A5-CA65-4D88-8473-67947726CA2D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc_software:*:*:*:*:*:*:*:*", matchCriteriaId: "87DF85DE-B86C-459A-A9A9-096AF7A661E6", versionEndIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "4DFBFF6B-DBC8-451D-A235-4C7E1F0883D5", versionEndIncluding: "7.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*", matchCriteriaId: "E8B894F4-9635-4436-BC0A-E43280426017", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs7:8.1:*:*:*:*:*:*:*", matchCriteriaId: "172A6A81-C32E-4ACC-AB8C-2014BF3A6901", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs7:8.2:*:*:*:*:*:*:*", matchCriteriaId: "8C6E8BBF-C5FF-4F13-AC70-2FF41CF3CC8E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:sp4:*:*:*:*:*:*", matchCriteriaId: "C60C6533-1875-4E5B-A367-F6C1C1345CCF", versionEndIncluding: "5.5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):*:*:*:*:*:*:*:*", matchCriteriaId: "A4053231-D271-4A23-B0A0-374F6EAE2EF8", versionEndIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_winac_rtx_2010:-:*:*:*:*:*:*:*", matchCriteriaId: "AD93D757-C2DE-444C-9FF4-A7A700EFF7F0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_winac_rtx_f_2010:-:*:*:*:*:*:*:*", matchCriteriaId: "042D7AB5-8DB7-478E-8CB8-31942D360B34", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:sp2:*:*:*:*:*:*", matchCriteriaId: "B9D3442E-E362-49BA-8699-629A611A6E2E", versionEndIncluding: "7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.0:sp3:*:*:*:*:*:*", matchCriteriaId: "0D0BB2E6-1444-499A-943E-8D19C402F1BD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.2:*:*:*:*:*:*:*", matchCriteriaId: "4C4BFBED-E818-453C-B787-22D67B4A5A29", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.3:*:*:*:*:*:*:*", matchCriteriaId: "8D6229A2-9B8E-4F76-8425-589D2CE58B16", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:*:*:*:*:*:*:*", matchCriteriaId: "F64B795A-7E66-49AE-BE40-E8EEAC12D280", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:advanced:*:*:*", matchCriteriaId: "882F53D9-7AAA-4647-B071-A45CA2618AA1", versionEndIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:basic:*:*:*", matchCriteriaId: "F4524CA7-833B-4577-A5E5-DB47704F49AF", versionEndIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:comfort:*:*:*", matchCriteriaId: "58782A2B-6A27-475A-9FAB-0272DED5DB40", versionEndIncluding: "14.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):-:*:*:*:professional:*:*:*", matchCriteriaId: "D9BA6A34-593E-466A-B11B-1E2DC890ECF6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime:-:*:*:*:professional:*:*:*", matchCriteriaId: "E6BFBAED-EE2B-4DE4-A76C-824DD15F4608", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simit:9.0:*:*:*:*:*:*:*", matchCriteriaId: "939DE56D-D8D7-42B8-BC0C-D6727E99AFA3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_remote_connect:-:*:*:*:*:*:*:*", matchCriteriaId: "9646F056-080A-4F45-AABD-4D6E8AF05148", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_server:*:sp2:*:*:*:*:*:*", matchCriteriaId: "3F8B6E52-C339-41B9-A2C1-A6D161251648", versionEndIncluding: "13.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:softnet_security_client:*:*:*:*:*:*:*:*", matchCriteriaId: "18BFF869-4E4E-4410-91F7-56A7E959C0FE", versionEndIncluding: "5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:telecontrol_basic:*:sp2:*:*:*:*:*:*", matchCriteriaId: "A9386816-33A5-4DA7-931B-841AAE40E3BE", versionEndIncluding: "3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path (\"C:\\Program Files\\*\" or the localized equivalent).", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en Primary Setup Tool (PST) (todas las versiones anteriores a V4.2 HF1), SIMATIC IT Production Suite (todas las versiones anteriores a V7.0 SP1 HFX 2), SIMATIC NET PC-Software (Todas las versiones anteriores a V14), SIMATIC PCS 7 versión V7.1 (Todas las versiones), SIMATIC PCS 7 versión V8.0 (Todas las versiones), SIMATIC PCS 7 versión V8.1 (Todas las versiones),SIMATIC PCS 7 versión V8.2 (Todas las versiones anteriores a V8.2 SP1), SIMATIC STEP 7 (TIA Portal) versión V13 (Todas las versiones anteriores a V13 SP2), SIMATIC STEP 7 versiones V5.X (Todas las versiones anteriores a V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (Todas las versiones anteriores a V14), SIMATIC WinCC (TIA Portal) Professional versión V13 (Todas las versiones anteriores a V13 SP2), SIMATIC WinCC (TIA Portal) Professional versión V14 (Todas las versiones anteriores a V14 SP1), SIMATIC WinCC Runtime Professional versión V13 (Todas las versiones anteriores a V13 SP2), SIMATIC WinCC Runtime Professional versión V14 (Todas las versiones anteriores a V14 SP1), SIMATIC WinCC versión V7.0 SP2 y anteriores (Todas las versiones anteriores a V7.0 SP2 Upd 12), SIMATIC WinCC versión V7.0 SP3 (Todas las versiones anteriores a V7.0 SP3 Upd 8), SIMATIC WinCC versión V7.2 (Todas las versiones anteriores a V7.2 Upd 14), SIMATIC WinCC versión V7.3 (Todas las versiones anteriores a V7.3 Upd 11), SIMATIC WinCC versión V7.4 (Todas las versiones anteriores a V7.4 SP1), SIMIT versión V9.0 (Todas las versiones anteriores a V9.0 SP1), SINEMA Remote Connect Client (Todas las versiones anteriores a V1.0 SP3), SINEMA Server (Todas las versiones anteriores a V13 SP2), SOFTNET Security Client versión V5.0 (Todas las versiones), Security Configuration Tool (SCT) (Todas las versiones anteriores a V4.3 HF1), TeleControl Server Basic (Todas las versiones anteriores a V3.0 SP2), WinAC RTX 2010 SP2 (Todas las versiones), WinAC RTX F 2010 SP2 (Todas las versiones). Las rutas (path) de servicio sin comillas podrían permitir que los usuarios locales del sistema operativo Microsoft Windows aumenten sus privilegios si los productos afectados no están instalados en su ruta (path) de acceso predeterminada (\"C:\\Program Files\\*\" o el equivalente localizado).", }, ], id: "CVE-2016-7165", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 0.5, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-11-15T19:30:02.797", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94158", }, { source: "cve@mitre.org", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94158", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-254", }, { lang: "en", value: "CWE-284", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-02-13 09:15
Modified
2024-11-21 08:31
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call)
communication protocol in the affected products do not
properly handle certain unorganized RPC messages. An
attacker could use this vulnerability to cause a denial of service
condition in the RPC server.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | openpcs_7 | * | |
| siemens | simatic_batch | * | |
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_route_control | * | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 8.0 | |
| siemens | simatic_wincc_runtime_professional | * | |
| siemens | simatic_wincc_runtime_professional | 19 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:openpcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "F1350C78-30BE-4FA0-BE95-7A897C0D1927", versionEndIncluding: "9.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_batch:*:*:*:*:*:*:*:*", matchCriteriaId: "FA5C1EC7-2F78-400D-9F85-FCEF71C4F1D5", versionEndIncluding: "9.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "FDA0756E-97B0-4896-BED4-44E86D6C76DE", versionEndIncluding: "9.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_route_control:*:*:*:*:*:*:*:*", matchCriteriaId: "F0AF2A6B-2A46-4147-AB1C-6E4DD71CD8C2", versionEndIncluding: "9.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:*:*:*:*:*:*:*", matchCriteriaId: "F64B795A-7E66-49AE-BE40-E8EEAC12D280", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:*:*:*:*:*:*:*", matchCriteriaId: "7D3A0BA7-EDC9-428D-A9C9-1CF602CEDFB5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:8.0:*:*:*:*:*:*:*", matchCriteriaId: "E57C7724-EEDA-4F6E-8634-65B10C3319A2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:*:*:*:*:*:*:*", matchCriteriaId: "872A881A-22F6-47E0-99ED-A83D9F77DB02", versionEndIncluding: "18", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:19:*:*:*:*:*:*:*", matchCriteriaId: "18D1C8AC-6A32-4ABB-A52D-58B774A5C9BE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in OpenPCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 15), SIMATIC WinCC V8.0 (All versions < V8.0 Update 4). The implementation of the RPC (Remote Procedure call) \r\ncommunication protocol in the affected products do not \r\nproperly handle certain unorganized RPC messages. An \r\nattacker could use this vulnerability to cause a denial of service \r\ncondition in the RPC server.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en: \nOpenPCS 7 V9.1 (todas las versiones), \nSIMATIC BATCH V9.1 (todas las versiones), \nSIMATIC PCS 7 V9.1 (todas las versiones), \nSIMATIC Route Control V9.1 (todas las versiones), \nSIMATIC WinCC Runtime Professional V18 (todas las versiones), \nSIMATIC WinCC Runtime Professional V19 (todas las versiones), \nSIMATIC WinCC V7.4 (todas las versiones), \nSIMATIC WinCC V7.5 (todas las versiones < V7.5 SP2 Update 15), \nSIMATIC WinCC V8.0 (Todas las versiones ", }, ], id: "CVE-2023-48363", lastModified: "2024-11-21T08:31:34.337", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], cvssMetricV40: [ { cvssData: { Automatable: "NOT_DEFINED", Recovery: "NOT_DEFINED", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "ADJACENT", availabilityRequirement: "NOT_DEFINED", baseScore: 7.1, baseSeverity: "HIGH", confidentialityRequirement: "NOT_DEFINED", exploitMaturity: "NOT_DEFINED", integrityRequirement: "NOT_DEFINED", modifiedAttackComplexity: "NOT_DEFINED", modifiedAttackRequirements: "NOT_DEFINED", modifiedAttackVector: "NOT_DEFINED", modifiedPrivilegesRequired: "NOT_DEFINED", modifiedSubAvailabilityImpact: "NOT_DEFINED", modifiedSubConfidentialityImpact: "NOT_DEFINED", modifiedSubIntegrityImpact: "NOT_DEFINED", modifiedUserInteraction: "NOT_DEFINED", modifiedVulnAvailabilityImpact: "NOT_DEFINED", modifiedVulnConfidentialityImpact: "NOT_DEFINED", modifiedVulnIntegrityImpact: "NOT_DEFINED", privilegesRequired: "NONE", providerUrgency: "NOT_DEFINED", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "NOT_DEFINED", vectorString: "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "NONE", vulnerabilityResponseEffort: "NOT_DEFINED", }, source: "productcert@siemens.com", type: "Secondary", }, ], }, published: "2024-02-13T09:15:45.763", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-753746.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/html/ssa-753746.html", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "productcert@siemens.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-11-09 12:15
Modified
2024-11-21 06:23
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). The affected systems store sensitive information in log files. An attacker with access to the log files could publicly expose the information or reuse it to develop further attacks on the system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_pcs_7 | 9.1 | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 15 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 17 | |
| siemens | simatic_wincc | 17 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "8B62697B-2F75-44EA-A1F8-14BF9D1F99CC", versionEndIncluding: "8.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "62431198-DA5D-4E7A-A938-162FF374E3FA", versionEndExcluding: "9.1", versionStartIncluding: "9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:9.1:-:*:*:*:*:*:*", matchCriteriaId: "0D25510C-F677-4A98-806C-FF644F11EEC6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", matchCriteriaId: "CA2E9785-246F-496B-9139-02E2F4003352", versionEndIncluding: "7.4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:-:*:*:*:*:*:*", matchCriteriaId: "E79DA14E-419C-49BA-8E4F-2907E1D8937F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1:*:*:*:*:*:*", matchCriteriaId: "81F9C13C-065C-4E40-BB46-687D791348A9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update1:*:*:*:*:*:*", matchCriteriaId: "5CF06E69-0A23-418D-B0EC-574DACBB4DD9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update2:*:*:*:*:*:*", matchCriteriaId: "9164EAC1-C416-4F1F-A910-CE84A167A6D1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2:*:*:*:*:*:*", matchCriteriaId: "3422B714-DB0F-4EE3-A7D4-9A0165214563", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update1:*:*:*:*:*:*", matchCriteriaId: "70B79B00-F61D-4F10-AD7B-74718F061D9E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update2:*:*:*:*:*:*", matchCriteriaId: "A8766442-CC8D-4221-89B8-F75D195F71E8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update3:*:*:*:*:*:*", matchCriteriaId: "26C08FB9-AFEB-4A53-AAB3-37C9717B30C5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update4:*:*:*:*:*:*", matchCriteriaId: "68896900-7FCC-4BFB-B787-8992B459F00D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15:*:*:*:*:*:*:*", matchCriteriaId: "A961C560-0288-4BC7-B3EB-11610765A34A", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:-:*:*:*:*:*:*", matchCriteriaId: "A4316924-9EF8-4835-A2E4-0C81F4DE473D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:update1:*:*:*:*:*:*", matchCriteriaId: "A1011EBE-A08D-4066-A2B8-45736AE6999B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:update2:*:*:*:*:*:*", matchCriteriaId: "37284D6C-ADB9-43A9-817D-7879FDF8BF7F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:update3:*:*:*:*:*:*", matchCriteriaId: "1DAD73CB-A027-4CEA-A439-A271717BBEDD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:16:update4:*:*:*:*:*:*", matchCriteriaId: "150B957C-545F-4BD8-8AB9-E64ACC59C865", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:17:-:*:*:*:*:*:*", matchCriteriaId: "C665E91E-DC56-41E0-99B4-ACFAA70B3103", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:17:update1:*:*:*:*:*:*", matchCriteriaId: "BB46C8BD-942A-45DC-AA8A-C0D9418CA302", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). The affected systems store sensitive information in log files. An attacker with access to the log files could publicly expose the information or reuse it to develop further attacks on the system.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC PCS 7 V8.2 (Todas las versiones), SIMATIC PCS 7 V9.0 (Todas las versiones anteriores a V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (Todas las versiones anteriores a V9. 1 SP1), SIMATIC WinCC V15 y anteriores (Todas las versiones anteriores a V15 SP1 Update 7), SIMATIC WinCC V16 (Todas las versiones anteriores a V16 Update 5), SIMATIC WinCC V17 (Todas las versiones anteriores a V17 Update 2), SIMATIC WinCC V7.4 (Todas las versiones anteriores a V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (Todas las versiones anteriores a V7.5 SP2 Update 5). Los sistemas afectados almacenan información sensible en archivos de registro. Un atacante con acceso a los archivos de registro podría exponer públicamente la información o reutilizarla para desarrollar otros ataques al sistema", }, ], id: "CVE-2021-40364", lastModified: "2024-11-21T06:23:57.400", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "productcert@siemens.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Secondary", }, ], }, published: "2021-11-09T12:15:10.070", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-532", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-532", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-14 20:29
Modified
2024-11-21 04:20
Severity ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An attacker with access to the project file could run arbitrary system commands with the privileges of the local database server. The vulnerability could be exploited by an attacker with access to the project file. The vulnerability does impact the confidentiality, integrity, and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf | Vendor Advisory | |
| productcert@siemens.com | https://www.us-cert.gov/ics/advisories/ICSA-19-134-08 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/ICSA-19-134-08 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_pcs_7 | 8.1 | |
| siemens | simatic_pcs_7 | 8.2 | |
| siemens | simatic_pcs_7 | 9.0 | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc | 7.3 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc_\(tia_portal\) | 13.0 | |
| siemens | simatic_wincc_\(tia_portal\) | 14.0 | |
| siemens | simatic_wincc_\(tia_portal\) | 15.0 | |
| siemens | simatic_wincc_runtime_professional | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "78F045C4-8DC2-4FA8-833D-B430EA26F2A0", versionEndIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:8.1:*:*:*:*:*:*:*", matchCriteriaId: "858628AC-EA69-4D72-AE23-77A4A8DE2547", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:8.2:*:*:*:*:*:*:*", matchCriteriaId: "F4A75F15-8F47-4348-A85C-D94BBA8F9992", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:9.0:*:*:*:*:*:*:*", matchCriteriaId: "3F27A96F-58B7-492F-8CF7-DE04D4EDAAD8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", matchCriteriaId: "23B89914-E5BA-4670-B692-092AE9FFE148", versionEndIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.3:*:*:*:*:*:*:*", matchCriteriaId: "8D6229A2-9B8E-4F76-8425-589D2CE58B16", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:*:*:*:*:*:*:*", matchCriteriaId: "F64B795A-7E66-49AE-BE40-E8EEAC12D280", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:*:*:*:*:*:*:*", matchCriteriaId: "7D3A0BA7-EDC9-428D-A9C9-1CF602CEDFB5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):13.0:*:*:*:*:*:*:*", matchCriteriaId: "E3D1A823-CE50-441F-B060-DA678DFE24FD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):14.0:*:*:*:*:*:*:*", matchCriteriaId: "28A1BA01-7A92-4368-8A73-8FA47A08BC53", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):15.0:*:*:*:*:*:*:*", matchCriteriaId: "0256663E-3A97-4E99-995D-7446804DB496", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:*:*:*:*:*:*:*", matchCriteriaId: "E07DBA91-379C-40F5-8C45-6EC302F5CA7D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An attacker with access to the project file could run arbitrary system commands with the privileges of the local database server. The vulnerability could be exploited by an attacker with access to the project file. The vulnerability does impact the confidentiality, integrity, and availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC PCS 7 V8.0 y versiones anteriores (Todas las versiones), SIMATIC PCS 7 V8.1 (Todas las versiones anteriores a la versión V8.1 con WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (Todas las versiones anteriores a la versión V8.2 SP1 con WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (Todas las versiones anteriores a la versión V9.0 SP2 con WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (Todas las versiones), SIMATIC WinCC (TIA Portal) V14 (Todas las versiones anteriores a la versión V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (Todas las versiones anteriores a la versión V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (Todas las versiones), SIMATIC WinCC Runtime Professional V14 ( Todas las versiones anteriores a la versión V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (Todas las versiones anteriores a la versión V15.1 Upd 3), SIMATIC WinCC V7.2 y anteriores (Todas las versiones), SIMATIC WinCC V7.3 (Todas las versiones anterior a la versión V7.3 Upd 19), SIMATIC WinCC V7.4 (Todas las versiones anteriores a la versión V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (Todas las versiones anteriores a la versión V7.5 Upd 3). Un atacante con acceso al archivo del proyecto podría ejecutar comandos arbitrarios del sistema con los privilegios del servidor de base de datos local. La vulnerabilidad podría ser explotada por un atacante con acceso al archivo del proyecto. La vulnerabilidad sí afecta la confidencialidad, integridad y disponibilidad del sistema afectado. En el momento de la publicación del aviso, no se conocía la explotación pública de esta vulnerabilidad de seguridad.", }, ], id: "CVE-2019-10916", lastModified: "2024-11-21T04:20:08.653", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-14T20:29:02.293", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf", }, { source: "productcert@siemens.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-89", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-89", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-11-06 22:29
Modified
2025-04-20 01:37
Severity ?
Summary
An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all versions. The improper input validation vulnerability has been identified, which may allow an authenticated remote attacker who is a member of the administrators group to crash services by sending specially crafted messages to the DCOM interface.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://www.securityfocus.com/bid/101680 | Third Party Advisory, VDB Entry | |
| ics-cert@hq.dhs.gov | http://www.securitytracker.com/id/1039729 | Third Party Advisory, VDB Entry | |
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-17-306-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101680 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039729 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-17-306-01 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs7 | 8.1 | |
| siemens | simatic_wincc | 7.3 | |
| siemens | simatic_pcs7 | 8.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs7:8.1:-:*:*:*:*:*:*", matchCriteriaId: "0D964D2E-63D5-4793-B772-E61CE0586B39", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.3:update13:*:*:*:*:*:*", matchCriteriaId: "CB472A4C-E0FA-42E7-96C2-1C9FD2B1A8B3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs7:8.2:-:*:*:*:*:*:*", matchCriteriaId: "A67CAAE5-FDF6-4F19-B7C8-73CAF5A6E303", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all versions. The improper input validation vulnerability has been identified, which may allow an authenticated remote attacker who is a member of the administrators group to crash services by sending specially crafted messages to the DCOM interface.", }, { lang: "es", value: "Se ha descubierto un problema de validación incorrecta de entradas en Siemens SIMATIC PCS 7 V8.1 en versiones anteriores a V8.1 SP1 con WinCC V7.3 Upd 13 y V8.2 en todas las versiones. Se ha identificado la vulnerabilidad de validación incorrecta de entradas, que podría permitir que un atacante remoto autenticado que sea miembro del grupo de administradores provoque el cierre inesperado de servicios mediante el envío de mensajes especialmente manipulados a la interfaz DCOM.", }, ], id: "CVE-2017-14023", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 4.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-11-06T22:29:00.270", references: [ { source: "ics-cert@hq.dhs.gov", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/101680", }, { source: "ics-cert@hq.dhs.gov", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1039729", }, { source: "ics-cert@hq.dhs.gov", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-17-306-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/101680", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1039729", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://ics-cert.us-cert.gov/advisories/ICSA-17-306-01", }, ], sourceIdentifier: "ics-cert@hq.dhs.gov", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "ics-cert@hq.dhs.gov", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-14 20:29
Modified
2024-11-21 04:20
Severity ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An attacker with local access to the project file could cause a Denial-of-Service condition on the affected product while the project file is loaded. Successful exploitation requires access to the project file. An attacker could use the vulnerability to compromise availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf | Vendor Advisory | |
| productcert@siemens.com | https://www.us-cert.gov/ics/advisories/ICSA-19-134-08 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/ICSA-19-134-08 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_pcs_7 | 8.1 | |
| siemens | simatic_pcs_7 | 8.2 | |
| siemens | simatic_pcs_7 | 9.0 | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc | 7.3 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc_\(tia_portal\) | 13.0 | |
| siemens | simatic_wincc_\(tia_portal\) | 14.0 | |
| siemens | simatic_wincc_\(tia_portal\) | 15.0 | |
| siemens | simatic_wincc_runtime_professional | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "78F045C4-8DC2-4FA8-833D-B430EA26F2A0", versionEndIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:8.1:*:*:*:*:*:*:*", matchCriteriaId: "858628AC-EA69-4D72-AE23-77A4A8DE2547", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:8.2:*:*:*:*:*:*:*", matchCriteriaId: "F4A75F15-8F47-4348-A85C-D94BBA8F9992", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:9.0:*:*:*:*:*:*:*", matchCriteriaId: "3F27A96F-58B7-492F-8CF7-DE04D4EDAAD8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", matchCriteriaId: "23B89914-E5BA-4670-B692-092AE9FFE148", versionEndIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.3:*:*:*:*:*:*:*", matchCriteriaId: "8D6229A2-9B8E-4F76-8425-589D2CE58B16", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:*:*:*:*:*:*:*", matchCriteriaId: "F64B795A-7E66-49AE-BE40-E8EEAC12D280", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:*:*:*:*:*:*:*", matchCriteriaId: "7D3A0BA7-EDC9-428D-A9C9-1CF602CEDFB5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):13.0:*:*:*:*:*:*:*", matchCriteriaId: "E3D1A823-CE50-441F-B060-DA678DFE24FD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):14.0:*:*:*:*:*:*:*", matchCriteriaId: "28A1BA01-7A92-4368-8A73-8FA47A08BC53", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):15.0:*:*:*:*:*:*:*", matchCriteriaId: "0256663E-3A97-4E99-995D-7446804DB496", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:*:*:*:*:*:*:*", matchCriteriaId: "E07DBA91-379C-40F5-8C45-6EC302F5CA7D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (All versions), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Upd 9), SIMATIC WinCC (TIA Portal) V15 (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). An attacker with local access to the project file could cause a Denial-of-Service condition on the affected product while the project file is loaded. Successful exploitation requires access to the project file. An attacker could use the vulnerability to compromise availability of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC PCS 7 V8.0 y anteriores (Todas las versiones), SIMATIC PCS 7 V8.1 (Todas las versiones anteriores a la versión V8.1 con WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (Todas las versiones anteriores V8.2 SP1 con WinCC V7.4 SP1 Upd11), SIMATIC PCS 7 V9.0 (Todas las versiones anteriores a la versión V9.0 SP2 con WinCC V7.4 SP1 Upd11), SIMATIC WinCC (TIA Portal) V13 (Todas las versiones), SIMATIC WinCC (TIA Portal) V14 (Todas las versiones ", }, ], id: "CVE-2019-10917", lastModified: "2024-11-21T04:20:08.790", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-14T20:29:02.387", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf", }, { source: "productcert@siemens.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/ICSA-19-134-08", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-248", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-755", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-10 17:15
Modified
2024-11-21 05:37
Severity ?
Summary
A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf | Vendor Advisory | |
| productcert@siemens.com | https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_automatic_tool | * | |
| siemens | simatic_net_pc | * | |
| siemens | simatic_net_pc | 16 | |
| siemens | simatic_net_pc | 16 | |
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_pcs_neo | * | |
| siemens | simatic_prosave | * | |
| siemens | simatic_s7-1500_software_controller | * | |
| siemens | simatic_step_7 | * | |
| siemens | simatic_step_7 | * | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc_open_architecture | 3.16 | |
| siemens | simatic_wincc_open_architecture | 3.17 | |
| siemens | simatic_wincc_runtime_advanced | * | |
| siemens | simatic_wincc_runtime_professional | * | |
| siemens | sinamics_startdrive | * | |
| siemens | sinamics_starter_commissioning_tool | * | |
| siemens | sinec_network_management_system | * | |
| siemens | sinema_server | * | |
| siemens | sinumerik_one_virtual | * | |
| siemens | sinumerik_operate | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_automatic_tool:*:*:*:*:*:*:*:*", matchCriteriaId: "A659B687-1038-42F5-B8AC-A394E41D22A8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc:*:*:*:*:*:*:*:*", matchCriteriaId: "744B5953-511F-42CA-80A0-DBE36A6AA144", versionEndExcluding: "16", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc:16:-:*:*:*:*:*:*", matchCriteriaId: "496E3C43-5DA8-4983-8AC6-0F32454E22F3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_net_pc:16:update1:*:*:*:*:*:*", matchCriteriaId: "17BCC3CD-61D0-416D-A241-D35AF8EE5BF8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", matchCriteriaId: "13E3BDF0-B691-4A97-A74A-A65EC910480E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*", matchCriteriaId: "D61D4B81-7F51-49BE-83DD-D2C28D23B0EA", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_prosave:*:*:*:*:*:*:*:*", matchCriteriaId: "CB7752CF-D754-4A78-999B-45FE379E03DE", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_s7-1500_software_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "658E1A3F-29D6-48D2-BCCE-0BCC41AC49F6", versionEndExcluding: "21.8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*", matchCriteriaId: "CAF09D6E-3375-4731-B16D-30B7592EA5FB", versionEndExcluding: "5.6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*", matchCriteriaId: "1A3CA33C-AFAB-418F-870F-0236B8E55943", versionEndIncluding: "16", versionStartIncluding: "13", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:-:*:*:*:*:*:*", matchCriteriaId: "851F8474-4568-487D-98FB-47DF7EAEAC3B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:sp1:*:*:*:*:*:*", matchCriteriaId: "81EADA2F-884C-4D72-8489-71025B3EBAEE", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:sp2:*:*:*:*:*:*", matchCriteriaId: "78366D2F-B728-47F6-B539-5FB2D1B0419D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_step_7:5.6:sp2_hotfix1:*:*:*:*:*:*", matchCriteriaId: "06A86DA0-BC1F-4306-B02E-ED2FA36BE273", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", matchCriteriaId: "3F39B396-140B-4005-9A61-F984C9FAF742", versionEndExcluding: "7.4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:-:*:*:*:*:*:*", matchCriteriaId: "3B0BD5DE-C6EF-4B89-831B-DA34DB0D68F6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1:*:*:*:*:*:*", matchCriteriaId: "2637C346-8AAF-481F-AFB0-BAD4254D14F4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update1:*:*:*:*:*:*", matchCriteriaId: "BF8404AB-579E-4C6B-BCA7-E95F2CE24F7D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update10:*:*:*:*:*:*", matchCriteriaId: "88F6B3BF-727F-432E-89D8-37FB7C76FE2B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update11:*:*:*:*:*:*", matchCriteriaId: "62EB588C-CBB4-4B17-9BB5-B14B1FC6BB21", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update12:*:*:*:*:*:*", matchCriteriaId: "AF3F613C-6707-4517-B4B8-530C912B79E6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update13:*:*:*:*:*:*", matchCriteriaId: "590F62CE-9245-4AC9-9FBC-35136E217B0E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update2:*:*:*:*:*:*", matchCriteriaId: "241D5A28-FB22-4C5B-A067-733168E847BF", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update3:*:*:*:*:*:*", matchCriteriaId: "A5418F92-84A9-439C-B86C-ED5820697603", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update4:*:*:*:*:*:*", matchCriteriaId: "40631FBD-116B-4589-B77A-6C5A69990F73", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update5:*:*:*:*:*:*", matchCriteriaId: "64B14972-6163-4D44-A9C6-16328E02AC69", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update6:*:*:*:*:*:*", matchCriteriaId: "8929E926-740F-4F17-B52C-4C73914B1818", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update7:*:*:*:*:*:*", matchCriteriaId: "D4F72666-D10A-4EB2-80D3-18B04C101256", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update8:*:*:*:*:*:*", matchCriteriaId: "0E343221-1E1A-4EE7-80AE-AB24E2244BA0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update9:*:*:*:*:*:*", matchCriteriaId: "1BF716D7-0A77-400F-9B43-64FBE3E65735", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:-:*:*:*:*:*:*", matchCriteriaId: "E79DA14E-419C-49BA-8E4F-2907E1D8937F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1:*:*:*:*:*:*", matchCriteriaId: "81F9C13C-065C-4E40-BB46-687D791348A9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update1:*:*:*:*:*:*", matchCriteriaId: "5CF06E69-0A23-418D-B0EC-574DACBB4DD9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update2:*:*:*:*:*:*", matchCriteriaId: "9164EAC1-C416-4F1F-A910-CE84A167A6D1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_open_architecture:3.16:*:*:*:*:*:*:*", matchCriteriaId: "4B9ED7EF-EF58-400F-92C9-3D52D8E39783", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_open_architecture:3.17:*:*:*:*:*:*:*", matchCriteriaId: "1C3F9210-7A1E-4B10-B384-119FD5733A86", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*", matchCriteriaId: "79EE15DC-74D3-4551-AAD0-EA0CB600DA76", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:*:*:*:*:*:*:*", matchCriteriaId: "3C9253AD-BD82-4BB2-84AD-EB1892B60358", versionEndIncluding: "16", versionStartIncluding: "13", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinamics_startdrive:*:*:*:*:*:*:*:*", matchCriteriaId: "C11DB09A-74E1-45EF-A162-9C1E91F54C04", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinamics_starter_commissioning_tool:*:*:*:*:*:*:*:*", matchCriteriaId: "1976CDDA-F2AF-4C47-804E-2C1DF44FBF41", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_network_management_system:*:*:*:*:*:*:*:*", matchCriteriaId: "52F7076E-12F7-4F62-9804-18598C39D3FF", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_server:*:*:*:*:*:*:*:*", matchCriteriaId: "C55DA617-6333-40DA-AB7D-EE49A453E143", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinumerik_one_virtual:*:*:*:*:*:*:*:*", matchCriteriaId: "A607E4B7-2F58-4F68-91EB-16874986E92F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinumerik_operate:*:*:*:*:*:*:*:*", matchCriteriaId: "BAFC5C25-EC3C-4EB6-B5B2-478AE9CEF10F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC Automation Tool (Todas las versiones anteriores a la versión V4 SP2), SIMATIC NET PC Software V14 (Todas las versiones anteriores a la versión V14 SP1 Update 14), SIMATIC NET PC Software V15 (Todas las versiones), SIMATIC NET PC Software V16 (Todas las versiones anteriores a la versión V16 Upd3), SIMATIC PCS neo (Todas las versiones anteriores a la versión V3.0 SP1), SIMATIC ProSave (Todas las versiones anteriores a la versión V17), SIMATIC S7-1500 Software Controller (Todas las versiones anteriores a la versión V21. 8), SIMATIC STEP 7 (Todas las versiones anteriores a la versión V5.6 SP2 HF3), SIMATIC STEP 7 (TIA Portal) V13 (Todas las versiones anteriores a la versión V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (Todas las versiones anteriores a la versión V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (Todas las versiones anteriores a la versión V15. 1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (Todas las versiones anteriores a la versión V16 Update 2), SIMATIC WinCC OA V3.16 (Todas las versiones anteriores a la versión V3.16 P018), SIMATIC WinCC OA V3. 17 (Todas las versiones anteriores a la versión V3.17 P003), SIMATIC WinCC Runtime Advanced (Todas las versiones anteriores a la versión V16 Update 2), SIMATIC WinCC Runtime Professional V13 (Todas las versiones anteriores a la versión V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (Todas las versiones anteriores a la versión V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (Todas las versiones anteriores a la versión V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (Todas las versiones anteriores a la versión V16 Update 2), SIMATIC WinCC V7. 4 (Todas las versiones anteriores a la versión V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (Todas las versiones anteriores a la versión V7.5 SP1 Update 3), SINAMICS STARTER (Todas las versiones anteriores a la versión V5.4 HF2), SINAMICS Startdrive (Todas las versiones anteriores a la versión V16 Update 3), SINEC NMS (Todas las versiones anteriores a la versión V1. 0 SP2), SINEMA Server (Todas las versiones anteriores a la versión V14 SP3), SINUMERIK ONE virtual (Todas las versiones anteriores a la versión V6.14), SINUMERIK Operate (Todas las versiones anteriores a la versión V6.14). Un componente dentro de la aplicación afectada llama regularmente a un binario de ayuda con privilegios de SISTEMA mientras la ruta de llamada no está citada", }, ], id: "CVE-2020-7580", lastModified: "2024-11-21T05:37:24.840", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-10T17:15:12.347", references: [ { source: "productcert@siemens.com", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf", }, { source: "productcert@siemens.com", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-428", }, ], source: "productcert@siemens.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-428", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2019-07-11 22:15
Modified
2024-11-21 04:20
Severity ?
Summary
A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd 11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC Professional (TIA Portal V13) (All versions), SIMATIC WinCC Professional (TIA Portal V14) (All versions < V14 SP1 Upd 9), SIMATIC WinCC Professional (TIA Portal V15) (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). The SIMATIC WinCC DataMonitor web application of the affected products allows to upload arbitrary ASPX code. The security vulnerability could be exploited by an authenticated attacker with network access to the WinCC DataMonitor application. No user interaction is required to exploit this vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the affected device. At the stage of publishing this security advisory no public exploitation is known.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-121293.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-121293.pdf | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_pcs_7 | 8.0 | |
| siemens | simatic_pcs_7 | 8.1 | |
| siemens | simatic_pcs_7 | 8.2 | |
| siemens | simatic_pcs_7 | 9.0 | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc | 7.3 | |
| siemens | simatic_wincc | 7.3 | |
| siemens | simatic_wincc | 7.3 | |
| siemens | simatic_wincc | 7.3 | |
| siemens | simatic_wincc | 7.3 | |
| siemens | simatic_wincc | 7.3 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 13 | |
| siemens | simatic_wincc | 13 | |
| siemens | simatic_wincc | 14 | |
| siemens | simatic_wincc | 14 | |
| siemens | simatic_wincc | 14 | |
| siemens | simatic_wincc | 15 | |
| siemens | simatic_wincc_runtime | 13 | |
| siemens | simatic_wincc_runtime | 13 | |
| siemens | simatic_wincc_runtime | 13 | |
| siemens | simatic_wincc_runtime | 13 | |
| siemens | simatic_wincc_runtime | 13 | |
| siemens | simatic_wincc_runtime | 14 | |
| siemens | simatic_wincc_runtime | 14 | |
| siemens | simatic_wincc_runtime | 15 | |
| siemens | simatic_wincc_runtime | 15 | |
| siemens | simatic_wincc_runtime | 15.1 | |
| siemens | simatic_wincc_runtime | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:8.0:*:*:*:*:*:*:*", matchCriteriaId: "3566C20F-A4A7-494F-AAD2-A11B0AD783D2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:8.1:*:*:*:*:*:*:*", matchCriteriaId: "858628AC-EA69-4D72-AE23-77A4A8DE2547", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:8.2:*:*:*:*:*:*:*", matchCriteriaId: "F4A75F15-8F47-4348-A85C-D94BBA8F9992", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_pcs_7:9.0:*:*:*:*:*:*:*", matchCriteriaId: "3F27A96F-58B7-492F-8CF7-DE04D4EDAAD8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*", matchCriteriaId: "23B89914-E5BA-4670-B692-092AE9FFE148", versionEndIncluding: "7.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.3:-:*:*:*:*:*:*", matchCriteriaId: "AE3690D0-60A7-4E52-A36A-ADBA01F8D99F", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.3:update_1:*:*:*:*:*:*", matchCriteriaId: "AEFFC1F1-4376-4D6F-960C-9B692756EC45", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.3:update_10:*:*:*:*:*:*", matchCriteriaId: "C53072DB-8097-44B6-A77B-C461AF96E527", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.3:update_11:*:*:*:*:*:*", matchCriteriaId: "E8DFE502-A987-4DC3-93B5-4ED947CE4152", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.3:update_13:*:*:*:*:*:*", matchCriteriaId: "7C7C1506-7E85-47A9-B940-FE77F64D3A64", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.3:update_4:*:*:*:*:*:*", matchCriteriaId: "179AC2DA-AB33-4841-9F8A-54C823C98C6A", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:-:*:*:*:*:*:*", matchCriteriaId: "3B0BD5DE-C6EF-4B89-831B-DA34DB0D68F6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1:*:*:*:*:*:*", matchCriteriaId: "2637C346-8AAF-481F-AFB0-BAD4254D14F4", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.4:update_1:*:*:*:*:*:*", matchCriteriaId: "D0A0534C-8EDE-46FF-82A0-812CF069ABC9", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:7.5:*:*:*:*:*:*:*", matchCriteriaId: "7D3A0BA7-EDC9-428D-A9C9-1CF602CEDFB5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_wincc:13:-:*:*:professional:*:*:*", matchCriteriaId: "D5946B53-3E14-449C-80CB-5AD7EFFBCF71", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:13:sp2:*:*:professional:*:*:*", matchCriteriaId: "06F87184-5F08-4090-BC7A-4C07723C7E56", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:14:*:*:*:professional:*:*:*", matchCriteriaId: "8A60440F-56D2-4D34-AF8D-3F134CE9B916", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:14:-:*:*:professional:*:*:*", matchCriteriaId: "34CB9530-26A9-41F8-AAEA-4C7DCA9B6309", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:14:sp1:*:*:professional:*:*:*", matchCriteriaId: "742222BD-66B1-432A-ABA3-5C3BDE476D6E", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc:15:*:*:*:professional:*:*:*", matchCriteriaId: "993FC3FD-2887-4717-91FF-E587FFFD79F1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime:13:*:*:*:professional:*:*:*", matchCriteriaId: "44F192C1-B73C-4E00-B643-0FF4D8F62806", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime:13:-:*:*:professional:*:*:*", matchCriteriaId: "43A405ED-4D3B-4B1E-A109-C89299CEBC44", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime:13:sp1:update_2:*:professional:*:*:*", matchCriteriaId: "27ABF4C7-C9DC-4BA7-AFE3-85CF24073706", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime:13:sp1:update_9:*:professional:*:*:*", matchCriteriaId: "0B2B152A-110E-4113-A736-817D55E6730A", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime:13:sp2:*:*:professional:*:*:*", matchCriteriaId: "EAFE68A5-0469-45E4-A349-19027F375828", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime:14:-:*:*:professional:*:*:*", matchCriteriaId: "960A60ED-AEB3-4133-A876-A2BAD47C9D14", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime:14:sp1:*:*:professional:*:*:*", matchCriteriaId: "A804911F-3924-48A2-BE17-1E4E23403708", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime:15:-:*:*:professional:*:*:*", matchCriteriaId: "E150ECFA-B1E8-4462-BCF0-F213EBDD8AB5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime:15:update_4:*:*:professional:*:*:*", matchCriteriaId: "0797F07E-BDED-47E1-92DD-E9135157E78D", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime:15.1:-:*:*:professional:*:*:*", matchCriteriaId: "0D9C7067-7D2D-4D96-9E54-F97ED1DE7A9C", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime:15.1:update_1:*:*:professional:*:*:*", matchCriteriaId: "96C960B3-424B-46D9-90E2-69A9CD1D4724", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier (All versions), SIMATIC PCS 7 V8.1 (All versions < V8.1 with WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1 with WinCC V7.4 SP1 Upd 11), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP2 with WinCC V7.4 SP1 Upd11), SIMATIC WinCC Professional (TIA Portal V13) (All versions), SIMATIC WinCC Professional (TIA Portal V14) (All versions < V14 SP1 Upd 9), SIMATIC WinCC Professional (TIA Portal V15) (All versions < V15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (All versions), SIMATIC WinCC Runtime Professional V14 (All versions < V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Upd 3), SIMATIC WinCC V7.2 and earlier (All versions), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 19), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (All versions < V7.5 Upd 3). The SIMATIC WinCC DataMonitor web application of the affected products allows to upload arbitrary ASPX code. The security vulnerability could be exploited by an authenticated attacker with network access to the WinCC DataMonitor application. No user interaction is required to exploit this vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the affected device. At the stage of publishing this security advisory no public exploitation is known.", }, { lang: "es", value: "Se ha identificado una vulnerabilidad en SIMATIC PCS 7 V8.0 y versiones anteriores (Todas las versiones), SIMATIC PCS 7 V8.1 (Todas las versiones anteriores a la versión V8.1 con WinCC V7.3 Upd 19), SIMATIC PCS 7 V8.2 (Todas las versiones anteriores a la versión V8.2 SP1 con WinCC V7.4 SP1 Upd 11), SIMATIC PCS 7 V9.0 (Todas las versiones anteriores a la versión V9.0 SP2 con WinCC V7.4 SP1 Upd11), SIMATIC WinCC Professional (TIA Portal V13) (Todas las versiones) , SIMATIC WinCC Professional (TIA Portal V14) (Todas las versiones anteriores a la versión V14 SP1 Upd 9), SIMATIC WinCC Professional (TIA Portal V15) (Todas las versiones anteriores a la versiónV15.1 Upd 3), SIMATIC WinCC Runtime Professional V13 (Todas las versiones), SIMATIC WinCC Runtime Professional V14 (Todas las versiones anteriores a la versión V14.1 Upd 8), SIMATIC WinCC Runtime Professional V15 (Todas las versiones anteriores a la versión V15.1 Upd 3), SIMATIC WinCC V7.2 y anteriores (Todas las versiones), SIMATIC WinCC V7.3 (Todas las versiones anteriores a la versión V7.3 Upd 19), SIMATIC WinCC V7.4 (Todas las versiones anteriores a la versión V7.4 SP1 Upd 11), SIMATIC WinCC V7.5 (Todas las versiones anteriores a la versión V7.5 Upd 3). La aplicación web SIMATIC WinCC DataMonitor de los productos afectados permite cargar código ASPX arbitrario. La vulnerabilidad de seguridad podría ser explotada por un atacante autenticado con acceso de red a la aplicación WinCC DataMonitor. No se requiere interacción del usuario para explotar esta vulnerabilidad. La vulnerabilidad afecta la confidencialidad, integridad y disponibilidad del dispositivo afectado. En la etapa de publicación de este aviso de seguridad no se conoce explotación pública.", }, ], id: "CVE-2019-10935", lastModified: "2024-11-21T04:20:11.120", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-07-11T22:15:11.797", references: [ { source: "productcert@siemens.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-121293.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-121293.pdf", }, ], sourceIdentifier: "productcert@siemens.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-434", }, ], source: "productcert@siemens.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-434", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }