All the vulnerabilites related to Siemens - SINUMERIK ONE virtual
var-202405-0210
Vulnerability from variot

A vulnerability has been identified in S7-PCT (All versions), Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC NET PC Software (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC PDM V9.2 (All versions), SIMATIC Route Control V9.1 (All versions), SIMATIC STEP 7 V5 (All versions), SIMATIC WinCC OA V3.17 (All versions), SIMATIC WinCC OA V3.18 (All versions < V3.18 P025), SIMATIC WinCC OA V3.19 (All versions < V3.19 P010), SIMATIC WinCC Runtime Advanced (All versions), SIMATIC WinCC Runtime Professional V16 (All versions), SIMATIC WinCC Runtime Professional V17 (All versions), SIMATIC WinCC Runtime Professional V18 (All versions), SIMATIC WinCC Runtime Professional V19 (All versions), SIMATIC WinCC Unified PC Runtime (All versions), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions), SIMATIC WinCC V8.0 (All versions), SINAMICS Startdrive (All versions < V19 SP1), SINUMERIK ONE virtual (All versions < V6.23), SINUMERIK PLC Programming Tool (All versions), TIA Portal Cloud Connector (All versions < V2.0), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 2). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel. S7 PCT (Port Configuration Tool) is a PC-based software for parameterizing Siemens IO-Link master modules and third-party IO-Link devices. Security Configuration Tool (SCT) is an engineering software for safety devices such as SCALANCE-S or CP 443-1Advanced. SIMATIC Automation Tool allows commissioning, adjustment and service in combination with S7-1200 and S7-1500 controllers without an engineering framework. SIMATIC NET PC software is a separately sold software product for implementing communication products for SIMATIC.NET. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7 and other components. SIMATIC PDM (Process Device Manager) is a universal, manufacturer-independent tool for configuration, parameter assignment, commissioning, diagnostics and maintenance of intelligent process devices (actuators, sensors) and automation components (remote I/O, multiplexers, process control units, compact controllers). SIMATIC STEP 7 V5 is the classic engineering software for configuring and programming SIMATIC S7-300/S7-400/C7/WinAC controllers. SIMATIC WinCC is a Supervisory Control and Data Acquisition (SCADA) system. SIMATIC WinCC Open Architecture (OA) is part of the SIMATIC HMI family. It is designed for applications that require a high degree of customer-specific adaptability, large or complex applications, and projects that impose specific system requirements or functions. SIMATIC WinCC Runtime Advanced is a visualization runtime platform for operator control and monitoring of machines and plants. SIMATIC WinCC Runtime Professional is a visualization runtime platform for operator control and monitoring of machines and plants. SIMATIC WinCC Unified PC Runtime is a new visualization runtime platform for operator control and monitoring of machines and plants. SINAMICS Startdrive commissioning software is the engineering tool for integrating SINAMICS drives in the TIA Portal. SINUMERIK CNC provides automation solutions for workshops, shop floors and large serial production environments. SINUMERIK ONE is a digital native CNC system. Totally Integrated Automation Portal (TIA Portal) is a PC software that provides the complete range of Siemens digital automation services, from digital planning and integrated engineering to transparent operation. TIA Portal Cloud Connector enables access to local PG/PC interfaces and connected SIMATIC hardware from TIA Portal Engineering when engineering via remote desktop on a private cloud server

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202405-0210",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "security configuration tool",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic automation tool",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic net pc software",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc oa",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v3.17"
      },
      {
        "model": "totally integrated automation portal",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v16"
      },
      {
        "model": "totally integrated automation portal",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v17"
      },
      {
        "model": "totally integrated automation portal",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v18"
      },
      {
        "model": "totally integrated automation portal",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v15.1"
      },
      {
        "model": "simatic pcs",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v9.1"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v17"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v18"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v19"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.0"
      },
      {
        "model": "totally integrated automation portal update",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v19\u003cv192"
      },
      {
        "model": "tia portal cloud connector",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v2.0"
      },
      {
        "model": "sinumerik plc programming tool",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "sinumerik one virtual",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v6.23"
      },
      {
        "model": "sinamics startdrive sp1",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v19"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.5"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v7.4"
      },
      {
        "model": "simatic wincc unified pc runtime",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v16"
      },
      {
        "model": "simatic wincc oa p010",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v3.19\u003cv3.19"
      },
      {
        "model": "simatic wincc oa p025",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v3.18\u003cv3.18"
      },
      {
        "model": "simatic step",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "7v5"
      },
      {
        "model": "simatic route control",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v9.1"
      },
      {
        "model": "simatic pdm",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v9.2"
      },
      {
        "model": "simatic batch",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v9.1"
      },
      {
        "model": "s7-pct",
        "scope": null,
        "trust": 0.6,
        "vendor": "siemens",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      }
    ]
  },
  "cve": "CVE-2023-46280",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.6,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.1,
            "id": "CNVD-2024-24524",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "productcert@siemens.com",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.0,
            "impactScore": 4.0,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2023-46280",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2024-24524",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-46280"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in S7-PCT (All versions), Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC NET PC Software (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC PDM V9.2 (All versions), SIMATIC Route Control V9.1 (All versions), SIMATIC STEP 7 V5 (All versions), SIMATIC WinCC OA V3.17 (All versions), SIMATIC WinCC OA V3.18 (All versions \u003c V3.18 P025), SIMATIC WinCC OA V3.19 (All versions \u003c V3.19 P010), SIMATIC WinCC Runtime Advanced (All versions), SIMATIC WinCC Runtime Professional V16 (All versions), SIMATIC WinCC Runtime Professional V17 (All versions), SIMATIC WinCC Runtime Professional V18 (All versions), SIMATIC WinCC Runtime Professional V19 (All versions), SIMATIC WinCC Unified PC Runtime (All versions), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions), SIMATIC WinCC V8.0 (All versions), SINAMICS Startdrive (All versions \u003c V19 SP1), SINUMERIK ONE virtual (All versions \u003c V6.23), SINUMERIK PLC Programming Tool (All versions), TIA Portal Cloud Connector (All versions \u003c V2.0), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions \u003c V19 Update 2). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel. S7 PCT (Port Configuration Tool) is a PC-based software for parameterizing Siemens IO-Link master modules and third-party IO-Link devices. Security Configuration Tool (SCT) is an engineering software for safety devices such as SCALANCE-S or CP 443-1Advanced. SIMATIC Automation Tool allows commissioning, adjustment and service in combination with S7-1200 and S7-1500 controllers without an engineering framework. SIMATIC NET PC software is a separately sold software product for implementing communication products for SIMATIC.NET. SIMATIC PCS 7 is a distributed control system (DCS) that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7 and other components. SIMATIC PDM (Process Device Manager) is a universal, manufacturer-independent tool for configuration, parameter assignment, commissioning, diagnostics and maintenance of intelligent process devices (actuators, sensors) and automation components (remote I/O, multiplexers, process control units, compact controllers). SIMATIC STEP 7 V5 is the classic engineering software for configuring and programming SIMATIC S7-300/S7-400/C7/WinAC controllers. SIMATIC WinCC is a Supervisory Control and Data Acquisition (SCADA) system. SIMATIC WinCC Open Architecture (OA) is part of the SIMATIC HMI family. It is designed for applications that require a high degree of customer-specific adaptability, large or complex applications, and projects that impose specific system requirements or functions. SIMATIC WinCC Runtime Advanced is a visualization runtime platform for operator control and monitoring of machines and plants. SIMATIC WinCC Runtime Professional is a visualization runtime platform for operator control and monitoring of machines and plants. SIMATIC WinCC Unified PC Runtime is a new visualization runtime platform for operator control and monitoring of machines and plants. SINAMICS Startdrive commissioning software is the engineering tool for integrating SINAMICS drives in the TIA Portal. SINUMERIK CNC provides automation solutions for workshops, shop floors and large serial production environments. SINUMERIK ONE is a digital native CNC system. Totally Integrated Automation Portal (TIA Portal) is a PC software that provides the complete range of Siemens digital automation services, from digital planning and integrated engineering to transparent operation. TIA Portal Cloud Connector enables access to local PG/PC interfaces and connected SIMATIC hardware from TIA Portal Engineering when engineering via remote desktop on a private cloud server",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-46280"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      }
    ],
    "trust": 1.44
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "SIEMENS",
        "id": "SSA-962515",
        "trust": 1.6
      },
      {
        "db": "NVD",
        "id": "CVE-2023-46280",
        "trust": 1.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-46280"
      }
    ]
  },
  "id": "VAR-202405-0210",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      }
    ],
    "trust": 1.1959388363636363
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      }
    ]
  },
  "last_update_date": "2024-05-31T19:15:21.586000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Siemens Industrial Products Out-of-Bounds Read Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/547666"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-125",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-46280"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-962515.html"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-46280"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-46280"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-05-30T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      },
      {
        "date": "2024-05-14T16:15:40.800000",
        "db": "NVD",
        "id": "CVE-2023-46280"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2024-05-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      },
      {
        "date": "2024-05-14T19:18:31.490000",
        "db": "NVD",
        "id": "CVE-2023-46280"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens Industrial Products Out-of-Bounds Read Vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2024-24524"
      }
    ],
    "trust": 0.6
  }
}

var-202006-1828
Vulnerability from variot

A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges. plural SIMATIC The product contains vulnerabilities in unquoted search paths or elements.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Opera Software, Opera, etc. are all products of Opera Software in Norway. Opera is a web browser, Siemens SIMATIC S7-1500, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 is a programmable logic controller. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Code issue vulnerabilities exist in several products. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1828",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "simatic step 7",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "sinamics startdrive",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic step 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.6"
      },
      {
        "model": "simatic net pc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "sinumerik one virtual",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic step 7",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic wincc open architecture",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.16"
      },
      {
        "model": "simatic step 7",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "5.6"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "sinamics starter commissioning tool",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "sinec network management system",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic wincc open architecture",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.17"
      },
      {
        "model": "sinumerik operate",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "13"
      },
      {
        "model": "simatic net pc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "simatic pcs 7",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic pcs neo",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic s7-1500 software controller",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "21.8"
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "16"
      },
      {
        "model": "sinema server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic wincc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.4"
      },
      {
        "model": "simatic prosave",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic wincc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "7.5"
      },
      {
        "model": "simatic automatic tool",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "simatic automation tool",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic net pc software",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic pcs 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic pcs neo",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic prosave",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic step 7",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc oa",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime advanced",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "simatic wincc runtime professional",
        "scope": null,
        "trust": 0.8,
        "vendor": "siemens",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7580"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:sinema_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.4:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:16:update1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:16:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "16",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_prosave:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_automatic_tool:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7:5.6:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7:5.6:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7:5.6:sp2_hotfix1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7:5.6:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "5.6",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_open_architecture:3.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_open_architecture:3.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "16",
                "versionStartIncluding": "13",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:sinumerik_operate:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:sinumerik_one_virtual:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:sinec_network_management_system:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:sinamics_startdrive:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:sinamics_starter_commissioning_tool:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.5:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update8:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update9:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update10:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update11:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update12:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update13:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.4",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "16",
                "versionStartIncluding": "13",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:siemens:simatic_s7-1500_software_controller:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "21.8",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-7580"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ander Martinez of Titanium Industrial Security and INCIBE reported this vulnerability to Siemens.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-636"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2020-7580",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.2,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-006496",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "VHN-185705",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULMON",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2020-7580",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.1,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 0.8,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 6.7,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-006496",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "High",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2020-7580",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "JVNDB-2020-006496",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202006-636",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-185705",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2020-7580",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-185705"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-7580"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7580"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-636"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability has been identified in SIMATIC Automation Tool (All versions \u003c V4 SP2), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Upd3), SIMATIC PCS neo (All versions \u003c V3.0 SP1), SIMATIC ProSave (All versions \u003c V17), SIMATIC S7-1500 Software Controller (All versions \u003c V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions \u003c V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions \u003c V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions \u003c V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMATIC STEP 7 V5 (All versions \u003c V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions \u003c V3.16 P018), SIMATIC WinCC OA V3.17 (All versions \u003c V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions \u003c V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions \u003c V16 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP1 Update 3), SINAMICS STARTER (All Versions \u003c V5.4 HF2), SINAMICS Startdrive (All Versions \u003c V16 Update 3), SINEC NMS (All versions \u003c V1.0 SP2), SINEMA Server (All versions \u003c V14 SP3), SINUMERIK ONE virtual (All Versions \u003c V6.14), SINUMERIK Operate (All Versions \u003c V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges. plural SIMATIC The product contains vulnerabilities in unquoted search paths or elements.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Opera Software, Opera, etc. are all products of Opera Software in Norway. Opera is a web browser, Siemens SIMATIC S7-1500, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 is a programmable logic controller. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. Code issue vulnerabilities exist in several products. This vulnerability stems from improper design or implementation problems in the code development process of network systems or products",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-7580"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      },
      {
        "db": "VULHUB",
        "id": "VHN-185705"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-7580"
      }
    ],
    "trust": 1.8
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-7580",
        "trust": 2.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-20-161-04",
        "trust": 2.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-312271",
        "trust": 1.8
      },
      {
        "db": "JVN",
        "id": "JVNVU97501786",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006496",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-636",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2020.2015",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-185705",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-7580",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-185705"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-7580"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7580"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-636"
      }
    ]
  },
  "id": "VAR-202006-1828",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-185705"
      }
    ],
    "trust": 0.614787719
  },
  "last_update_date": "2023-12-18T10:44:27.041000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-312271:Unquoted Search Path Vulnerabilities in Windows-based Industrial Software Applications",
        "trust": 0.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf"
      },
      {
        "title": "Multiple Siemens Product code issue vulnerability fixes",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=121186"
      },
      {
        "title": "Siemens Security Advisories: Siemens Security Advisory",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=9c51f352314e5a42566d9203d2f1e0a2"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2020-7580"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-636"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-428",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-185705"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7580"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.2,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04"
      },
      {
        "trust": 1.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-7580"
      },
      {
        "trust": 1.2,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-04"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7580"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu97501786/"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/simatic-code-execution-via-windows-exe-extension-32489"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2020.2015/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/428.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-20-161-04"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-185705"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-7580"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7580"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-636"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-185705"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-7580"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7580"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-636"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-06-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-185705"
      },
      {
        "date": "2020-06-10T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-7580"
      },
      {
        "date": "2020-07-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      },
      {
        "date": "2020-06-10T17:15:12.347000",
        "db": "NVD",
        "id": "CVE-2020-7580"
      },
      {
        "date": "2020-06-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202006-636"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-12-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-185705"
      },
      {
        "date": "2022-04-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-7580"
      },
      {
        "date": "2020-07-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      },
      {
        "date": "2023-04-28T17:06:39.047000",
        "db": "NVD",
        "id": "CVE-2020-7580"
      },
      {
        "date": "2022-12-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202006-636"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-636"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  SIMATIC Vulnerabilities in unquoted search paths or elements in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-006496"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "code problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202006-636"
      }
    ],
    "trust": 0.6
  }
}

cve-2023-46280
Vulnerability from cvelistv5
Published
2024-05-14 10:01
Modified
2024-10-08 08:40
Summary
A vulnerability has been identified in S7-PCT (All versions), Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions < V5.0 SP2), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 Upd5), SIMATIC NET PC Software V16 (All versions < V16 Update 8), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions < V18 SP1), SIMATIC NET PC Software V19 (All versions < V19 Update 2), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PDM V9.2 (All versions < V9.2 SP2 Upd3), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 Upd3), SIMATIC STEP 7 V5 (All versions), SIMATIC WinCC OA V3.17 (All versions), SIMATIC WinCC OA V3.18 (All versions < V3.18 P025), SIMATIC WinCC OA V3.19 (All versions < V3.19 P010), SIMATIC WinCC Runtime Advanced (All versions), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 6), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC Unified PC Runtime V18 (All versions), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5), SINAMICS Startdrive (All versions < V19 SP1), SINEC NMS (All versions < V3.0), SINUMERIK ONE virtual (All versions < V6.23), SINUMERIK PLC Programming Tool (All versions), TIA Portal Cloud Connector (All versions < V2.0), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 4), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 2). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-46280",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T14:20:28.448026Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:22:08.819Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T20:37:40.324Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-962515.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "S7-PCT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Security Configuration Tool (SCT)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Automation Tool",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V5.0 SP2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC BATCH V9.1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V9.1 SP2 Upd5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC NET PC Software V16",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V16 Update 8",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC NET PC Software V17",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC NET PC Software V18",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V18 SP1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC NET PC Software V19",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V19 Update 2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC PCS 7 V9.1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V9.1 SP2 UC05",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC PDM V9.2",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V9.2 SP2 Upd3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Route Control V9.1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V9.1 SP2 Upd3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC STEP 7 V5",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC OA V3.17",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC OA V3.18",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.18 P025",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC OA V3.19",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.19 P010",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC Runtime Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC Runtime Professional V16",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V16 Update 6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC Runtime Professional V17",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V17 Update 8",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC Runtime Professional V18",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V18 Update 4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC Runtime Professional V19",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V19 Update 2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC Unified PC Runtime V18",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC V7.4",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC V7.5",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.5 SP2 Update 17",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC V8.0",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0 Update 5",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS Startdrive",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V19 SP1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINEC NMS",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINUMERIK ONE virtual",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.23",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINUMERIK PLC Programming Tool",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "TIA Portal Cloud Connector",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Totally Integrated Automation Portal (TIA Portal) V15.1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Totally Integrated Automation Portal (TIA Portal) V16",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Totally Integrated Automation Portal (TIA Portal) V17",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Totally Integrated Automation Portal (TIA Portal) V18",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V18 Update 4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Totally Integrated Automation Portal (TIA Portal) V19",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V19 Update 2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in S7-PCT (All versions), Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions \u003c V5.0 SP2), SIMATIC BATCH V9.1 (All versions \u003c V9.1 SP2 Upd5), SIMATIC NET PC Software V16 (All versions \u003c V16 Update 8), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions \u003c V18 SP1), SIMATIC NET PC Software V19 (All versions \u003c V19 Update 2), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP2 UC05), SIMATIC PDM V9.2 (All versions \u003c V9.2 SP2 Upd3), SIMATIC Route Control V9.1 (All versions \u003c V9.1 SP2 Upd3), SIMATIC STEP 7 V5 (All versions), SIMATIC WinCC OA V3.17 (All versions), SIMATIC WinCC OA V3.18 (All versions \u003c V3.18 P025), SIMATIC WinCC OA V3.19 (All versions \u003c V3.19 P010), SIMATIC WinCC Runtime Advanced (All versions), SIMATIC WinCC Runtime Professional V16 (All versions \u003c V16 Update 6), SIMATIC WinCC Runtime Professional V17 (All versions \u003c V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions \u003c V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions \u003c V19 Update 2), SIMATIC WinCC Unified PC Runtime V18 (All versions), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions \u003c V8.0 Update 5), SINAMICS Startdrive (All versions \u003c V19 SP1), SINEC NMS (All versions \u003c V3.0), SINUMERIK ONE virtual (All versions \u003c V6.23), SINUMERIK PLC Programming Tool (All versions), TIA Portal Cloud Connector (All versions \u003c V2.0), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions \u003c V18 Update 4), Totally Integrated Automation Portal (TIA Portal) V19 (All versions \u003c V19 Update 2). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-08T08:40:01.468Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-962515.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2023-46280",
    "datePublished": "2024-05-14T10:01:52.069Z",
    "dateReserved": "2023-10-20T08:02:52.794Z",
    "dateUpdated": "2024-10-08T08:40:01.468Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-7580
Vulnerability from cvelistv5
Published
2020-06-10 00:00
Modified
2024-08-04 09:33
Severity ?
Summary
A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.492Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC Automation Tool",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4 SP2"
            }
          ]
        },
        {
          "product": "SIMATIC NET PC Software V14",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V14 SP1 Update 14"
            }
          ]
        },
        {
          "product": "SIMATIC NET PC Software V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SIMATIC NET PC Software V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Upd3"
            }
          ]
        },
        {
          "product": "SIMATIC PCS neo",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0 SP1"
            }
          ]
        },
        {
          "product": "SIMATIC ProSave",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V17"
            }
          ]
        },
        {
          "product": "SIMATIC S7-1500 Software Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V21.8"
            }
          ]
        },
        {
          "product": "SIMATIC STEP 7 (TIA Portal) V13",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V13 SP2 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC STEP 7 (TIA Portal) V14",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V14 SP1 Update 10"
            }
          ]
        },
        {
          "product": "SIMATIC STEP 7 (TIA Portal) V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 5"
            }
          ]
        },
        {
          "product": "SIMATIC STEP 7 (TIA Portal) V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 2"
            }
          ]
        },
        {
          "product": "SIMATIC STEP 7 V5",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.6 SP2 HF3"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC OA V3.16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.16 P018"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC OA V3.17",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.17 P003"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 2"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Professional V13",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V13 SP2 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Professional V14",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V14 SP1 Update 10"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Professional V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 5"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Professional V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 2"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC V7.4",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.4 SP1 Update 14"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC V7.5",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.5 SP1 Update 3"
            }
          ]
        },
        {
          "product": "SINAMICS STARTER",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V5.4 HF2"
            }
          ]
        },
        {
          "product": "SINAMICS Startdrive",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V16 Update 3"
            }
          ]
        },
        {
          "product": "SINEC NMS",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.0 SP2"
            }
          ]
        },
        {
          "product": "SINEMA Server",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V14 SP3"
            }
          ]
        },
        {
          "product": "SINUMERIK ONE virtual",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V6.14"
            }
          ]
        },
        {
          "product": "SINUMERIK Operate",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions \u003c V6.14"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC Automation Tool (All versions \u003c V4 SP2), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Upd3), SIMATIC PCS neo (All versions \u003c V3.0 SP1), SIMATIC ProSave (All versions \u003c V17), SIMATIC S7-1500 Software Controller (All versions \u003c V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions \u003c V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions \u003c V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions \u003c V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMATIC STEP 7 V5 (All versions \u003c V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions \u003c V3.16 P018), SIMATIC WinCC OA V3.17 (All versions \u003c V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions \u003c V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions \u003c V16 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP1 Update 3), SINAMICS STARTER (All Versions \u003c V5.4 HF2), SINAMICS Startdrive (All Versions \u003c V16 Update 3), SINEC NMS (All versions \u003c V1.0 SP2), SINEMA Server (All versions \u003c V14 SP3), SINUMERIK ONE virtual (All Versions \u003c V6.14), SINUMERIK Operate (All Versions \u003c V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-428",
              "description": "CWE-428: Unquoted Search Path or Element",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-12-13T00:00:00",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf"
        },
        {
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2020-7580",
    "datePublished": "2020-06-10T00:00:00",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:19.492Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}