All the vulnerabilites related to Siemens - TeleControl Server Basic
var-201812-0341
Vulnerability from variot
A vulnerability has been identified in SIMATIC IT LMS (All versions), SIMATIC IT Production Suite (Versions V7.1 < V7.1 Upd3), SIMATIC IT UA Discrete Manufacturing (Versions < V1.2), SIMATIC IT UA Discrete Manufacturing (Versions V1.2), SIMATIC IT UA Discrete Manufacturing (Versions V1.3), SIMATIC IT UA Discrete Manufacturing (Versions V2.3), SIMATIC IT UA Discrete Manufacturing (Versions V2.4). An attacker with network access to the installation could bypass the application-level authentication. In order to exploit the vulnerability, an attacker must obtain network access to an affected installation and must obtain a valid username to the system. Successful exploitation requires no user privileges and no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system. At the time of advisory publication no public exploitation of this vulnerability was known. SIMATIC IT LMS , SIMATIC IT Production Suite , SIMATIC IT UA Discrete Manufacturing Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC IT LMS is a line monitoring system for overall equipment performance (OEE). The SIMATIC IT Production Suite is a factory production management suite. This may aid in further attacks. # ICS Advisory (ICSA-18-317-07) ## Siemens SIMATIC IT Production Suite Original release date: November 13, 2018 Print Document Tweet Like Me Share ### Legal Notice All information products included in https://us-cert.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information..
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201812-0341", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic it ua discrete manufacturing", "scope": "eq", "trust": 1.1, "vendor": "siemens", "version": "2.3" }, { "model": "simatic it ua discrete manufacturing", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "v2.4" }, { "model": "simatic it ua discrete manufacturing", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "v1.2" }, { "model": "simatic it ua discrete manufacturing", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "v1.3" }, { "model": "simatic it production suite", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "v7.1" }, { "model": "simatic it line monitoring system", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic it ua discrete manufacturing", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "v2.3" }, { "model": "simatic it ua discrete manufacturing", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "2.4" }, { "model": "simatic it lms", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic it ua discrete manufacturing", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "1.3" }, { "model": "simatic it production suite", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.1 upd3" }, { "model": "simatic it ua discrete manufacturing", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "1.2 and earlier" }, { "model": "simatic it production suite", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "7.1" }, { "model": "simatic it lms all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic it ua discrete manufacturing", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "2.4" }, { "model": "simatic it production suite upd3", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.1.*\u003c7.1" }, { "model": "simatic it production suite", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.1" }, { "model": "simatic it production suite", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic it lms", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "telecontrol server basic", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "3.1" }, { "model": "simatic it ua discrete manufacturing", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "2.4" }, { "model": "simatic it production suite upd3", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic it line monitoring system", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic it production suite", "version": "v7.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic it ua discrete manufacturing", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic it ua discrete manufacturing", "version": "v1.3" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic it ua discrete manufacturing", "version": "v2.3" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic it ua discrete manufacturing", "version": "v2.4" } ], "sources": [ { "db": "IVD", "id": "7d82d140-463f-11e9-9d7d-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-25912" }, { "db": "BID", "id": "105924" }, { "db": "JVNDB", "id": "JVNDB-2018-014497" }, { "db": "NVD", "id": "CVE-2018-13804" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:siemens:simatic_it_ua_discrete_manufacturing:v2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_it_ua_discrete_manufacturing:v1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_it_ua_discrete_manufacturing:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "v1.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_it_production_suite:v7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_it_ua_discrete_manufacturing:v2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_it_line_monitoring_system:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-13804" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The vendor reported this issue.", "sources": [ { "db": "BID", "id": "105924" } ], "trust": 0.3 }, "cve": "CVE-2018-13804", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2018-13804", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 7.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 4.9, "id": "CNVD-2018-25912", "impactScore": 9.5, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:P", "version": "2.0" }, { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 7.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 4.9, "id": "7d82d140-463f-11e9-9d7d-000c29342cb1", "impactScore": 9.5, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:P", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-123900", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "HIGH", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.2, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "High", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.1, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2018-13804", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-13804", "trust": 1.8, "value": "HIGH" }, { "author": "CNVD", "id": "CNVD-2018-25912", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201811-484", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "7d82d140-463f-11e9-9d7d-000c29342cb1", "trust": 0.2, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-123900", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "IVD", "id": "7d82d140-463f-11e9-9d7d-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-25912" }, { "db": "VULHUB", "id": "VHN-123900" }, { "db": "JVNDB", "id": "JVNDB-2018-014497" }, { "db": "NVD", "id": "CVE-2018-13804" }, { "db": "CNNVD", "id": "CNNVD-201811-484" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC IT LMS (All versions), SIMATIC IT Production Suite (Versions V7.1 \u003c V7.1 Upd3), SIMATIC IT UA Discrete Manufacturing (Versions \u003c V1.2), SIMATIC IT UA Discrete Manufacturing (Versions V1.2), SIMATIC IT UA Discrete Manufacturing (Versions V1.3), SIMATIC IT UA Discrete Manufacturing (Versions V2.3), SIMATIC IT UA Discrete Manufacturing (Versions V2.4). An attacker with network access to the installation could bypass the application-level authentication. In order to exploit the vulnerability, an attacker must obtain network access to an affected installation and must obtain a valid username to the system. Successful exploitation requires no user privileges and no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system. At the time of advisory publication no public exploitation of this vulnerability was known. SIMATIC IT LMS , SIMATIC IT Production Suite , SIMATIC IT UA Discrete Manufacturing Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens SIMATIC IT LMS is a line monitoring system for overall equipment performance (OEE). The SIMATIC IT Production Suite is a factory production management suite. This may aid in further attacks. # ICS Advisory (ICSA-18-317-07) ## Siemens SIMATIC IT Production Suite Original release date: November 13, 2018 [Print Document](javascript:window.print\\(\\);) [Tweet](https://twitter.com/share?url=https%3A%2F%2Fus- cert.cisa.gov%2Fics%2Fadvisories%2FICSA-18-317-07) [Like Me](https://www.facebook.com/sharer.php?u=https%3A%2F%2Fus- cert.cisa.gov%2Fics%2Fadvisories%2FICSA-18-317-07) [Share](http://www.addthis.com/bookmark.php?url=https%3A%2F%2Fus- cert.cisa.gov%2Fics%2Fadvisories%2FICSA-18-317-07) ### Legal Notice All information products included in [https://us-cert.gov/ics](/ics) are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information..", "sources": [ { "db": "NVD", "id": "CVE-2018-13804" }, { "db": "JVNDB", "id": "JVNDB-2018-014497" }, { "db": "CNVD", "id": "CNVD-2018-25912" }, { "db": "BID", "id": "105924" }, { "db": "IVD", "id": "7d82d140-463f-11e9-9d7d-000c29342cb1" }, { "db": "VULHUB", "id": "VHN-123900" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-13804", "trust": 3.6 }, { "db": "BID", "id": "105924", "trust": 2.0 }, { "db": "ICS CERT", "id": "ICSA-18-317-07", "trust": 1.7 }, { "db": "SIEMENS", "id": "SSA-886615", "trust": 1.7 }, { "db": "CNVD", "id": "CNVD-2018-25912", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201811-484", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2018-014497", "trust": 0.8 }, { "db": "IVD", "id": "7D82D140-463F-11E9-9D7D-000C29342CB1", "trust": 0.2 }, { "db": "SEEBUG", "id": "SSVID-98857", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-123900", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "7d82d140-463f-11e9-9d7d-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-25912" }, { "db": "VULHUB", "id": "VHN-123900" }, { "db": "BID", "id": "105924" }, { "db": "JVNDB", "id": "JVNDB-2018-014497" }, { "db": "NVD", "id": "CVE-2018-13804" }, { "db": "CNNVD", "id": "CNNVD-201811-484" } ] }, "id": "VAR-201812-0341", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "7d82d140-463f-11e9-9d7d-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-25912" }, { "db": "VULHUB", "id": "VHN-123900" } ], "trust": 1.575 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "7d82d140-463f-11e9-9d7d-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-25912" } ] }, "last_update_date": "2023-12-18T13:43:31.246000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-886615", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-886615.pdf" }, { "title": "Patch for Siemens SIMATIC IT LMS, SIMATIC IT Production Suite and SIMATIC IT UA Discrete Manufacturing Authorization Issue Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/147647" }, { "title": "Siemens SIMATIC IT LMS , SIMATIC IT Production Suite and SIMATIC IT UA Discrete Manufacturing Remediation measures for authorization problem vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=86885" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-25912" }, { "db": "JVNDB", "id": "JVNDB-2018-014497" }, { "db": "CNNVD", "id": "CNNVD-201811-484" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "CWE-284", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-123900" }, { "db": "JVNDB", "id": "JVNDB-2018-014497" }, { "db": "NVD", "id": "CVE-2018-13804" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-317-07" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/105924" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-886615.pdf" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-13804" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-13804" }, { "trust": 0.3, "url": "http://www.siemens.com/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-25912" }, { "db": "VULHUB", "id": "VHN-123900" }, { "db": "BID", "id": "105924" }, { "db": "JVNDB", "id": "JVNDB-2018-014497" }, { "db": "NVD", "id": "CVE-2018-13804" }, { "db": "CNNVD", "id": "CNNVD-201811-484" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "7d82d140-463f-11e9-9d7d-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-25912" }, { "db": "VULHUB", "id": "VHN-123900" }, { "db": "BID", "id": "105924" }, { "db": "JVNDB", "id": "JVNDB-2018-014497" }, { "db": "NVD", "id": "CVE-2018-13804" }, { "db": "CNNVD", "id": "CNNVD-201811-484" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-12-20T00:00:00", "db": "IVD", "id": "7d82d140-463f-11e9-9d7d-000c29342cb1" }, { "date": "2018-12-20T00:00:00", "db": "CNVD", "id": "CNVD-2018-25912" }, { "date": "2018-12-13T00:00:00", "db": "VULHUB", "id": "VHN-123900" }, { "date": "2018-11-13T00:00:00", "db": "BID", "id": "105924" }, { "date": "2019-03-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-014497" }, { "date": "2018-12-13T16:29:00.210000", "db": "NVD", "id": "CVE-2018-13804" }, { "date": "2018-11-15T00:00:00", "db": "CNNVD", "id": "CNNVD-201811-484" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-12-20T00:00:00", "db": "CNVD", "id": "CNVD-2018-25912" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-123900" }, { "date": "2018-11-13T00:00:00", "db": "BID", "id": "105924" }, { "date": "2019-03-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-014497" }, { "date": "2019-10-09T23:34:32.683000", "db": "NVD", "id": "CVE-2018-13804" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201811-484" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201811-484" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural SIMATIC Access control vulnerabilities in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-014497" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Access control error", "sources": [ { "db": "IVD", "id": "7d82d140-463f-11e9-9d7d-000c29342cb1" }, { "db": "CNNVD", "id": "CNNVD-201811-484" } ], "trust": 0.8 } }
var-202108-2032
Vulnerability from variot
In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer. The Local Discovery Server provides the necessary infrastructure to publicly expose the OPC UA servers available on a given computer
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202108-2032", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic process historian opc ua server", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2022" }, { "model": "local discover server", "scope": "lt", "trust": 1.0, "vendor": "opcfoundation", "version": "1.04.402.463" }, { "model": "simatic wincc unified scada runtime", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic net pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "14" }, { "model": "simatic net pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "simatic net pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15" }, { "model": "simatic net pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "17" }, { "model": "simatic wincc runtime", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "telecontrol server basic", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic process historian opc ua server", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2022" }, { "model": "local discovery server", "scope": "eq", "trust": 0.8, "vendor": "opc", "version": null }, { "model": "local discovery server", "scope": "eq", "trust": 0.8, "vendor": "opc", "version": "1.04.402.463" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-010007" }, { "db": "NVD", "id": "CVE-2021-40142" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:opcfoundation:local_discover_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.04.402.463", "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_process_historian_opc_ua_server_firmware:2022:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_process_historian_opc_ua_server_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2022", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_process_historian_opc_ua_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_runtime:-:*:*:*:professional:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:16:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:15:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:14:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:telecontrol_server_basic:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:17:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_unified_scada_runtime:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2021-40142" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens reported this vulnerability to CISA.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202108-2640" } ], "trust": 0.6 }, "cve": "CVE-2021-40142", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 5.0, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2021-40142", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "VHN-397219", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "OTHER", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "JVNDB-2021-010007", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2021-40142", "trust": 1.8, "value": "HIGH" }, { "author": "cve@mitre.org", "id": "CVE-2021-40142", "trust": 1.0, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202108-2640", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-397219", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2021-40142", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-397219" }, { "db": "VULMON", "id": "CVE-2021-40142" }, { "db": "JVNDB", "id": "JVNDB-2021-010007" }, { "db": "NVD", "id": "CVE-2021-40142" }, { "db": "NVD", "id": "CVE-2021-40142" }, { "db": "CNNVD", "id": "CNNVD-202108-2640" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer. The Local Discovery Server provides the necessary infrastructure to publicly expose the OPC UA servers available on a given computer", "sources": [ { "db": "NVD", "id": "CVE-2021-40142" }, { "db": "JVNDB", "id": "JVNDB-2021-010007" }, { "db": "VULHUB", "id": "VHN-397219" }, { "db": "VULMON", "id": "CVE-2021-40142" } ], "trust": 1.8 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-40142", "trust": 3.4 }, { "db": "SIEMENS", "id": "SSA-321292", "trust": 1.8 }, { "db": "JVNDB", "id": "JVNDB-2021-010007", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-202108-2640", "trust": 0.7 }, { "db": "ICS CERT", "id": "ICSA-22-132-12", "trust": 0.7 }, { "db": "CS-HELP", "id": "SB2022051720", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-397219", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2021-40142", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-397219" }, { "db": "VULMON", "id": "CVE-2021-40142" }, { "db": "JVNDB", "id": "JVNDB-2021-010007" }, { "db": "NVD", "id": "CVE-2021-40142" }, { "db": "CNNVD", "id": "CNNVD-202108-2640" } ] }, "id": "VAR-202108-2032", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-397219" } ], "trust": 0.613684795 }, "last_update_date": "2023-12-18T13:12:25.198000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Security\u00a0Update\u00a0for\u00a0Local\u00a0Discovery\u00a0Server\u00a0(LDS) OPC\u00a0Foundation\u00a0Security\u00a0Bulletin", "trust": 0.8, "url": "https://files.opcfoundation.org/securitybulletins/opc%20foundation%20security%20bulletin%20cve-2021-40142.pdf" }, { "title": "Local Discovery Server Buffer error vulnerability fix", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=161299" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-010007" }, { "db": "CNNVD", "id": "CNNVD-202108-2640" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.1 }, { "problemtype": "Buffer error (CWE-119) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-397219" }, { "db": "JVNDB", "id": "JVNDB-2021-010007" }, { "db": "NVD", "id": "CVE-2021-40142" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf" }, { "trust": 1.8, "url": "https://files.opcfoundation.org/securitybulletins/opc%20foundation%20security%20bulletin%20cve-2021-40142.pdf" }, { "trust": 1.8, "url": "https://opcfoundation.org/security-bulletins/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40142" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/siemens-simatic-denial-of-service-via-opc-foundation-local-discovery-server-38294" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-132-12" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022051720" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/119.html" }, { "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2021-40142" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-12" } ], "sources": [ { "db": "VULHUB", "id": "VHN-397219" }, { "db": "VULMON", "id": "CVE-2021-40142" }, { "db": "JVNDB", "id": "JVNDB-2021-010007" }, { "db": "NVD", "id": "CVE-2021-40142" }, { "db": "CNNVD", "id": "CNNVD-202108-2640" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-397219" }, { "db": "VULMON", "id": "CVE-2021-40142" }, { "db": "JVNDB", "id": "JVNDB-2021-010007" }, { "db": "NVD", "id": "CVE-2021-40142" }, { "db": "CNNVD", "id": "CNNVD-202108-2640" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-08-27T00:00:00", "db": "VULHUB", "id": "VHN-397219" }, { "date": "2021-08-27T00:00:00", "db": "VULMON", "id": "CVE-2021-40142" }, { "date": "2022-06-13T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-010007" }, { "date": "2021-08-27T07:15:08.630000", "db": "NVD", "id": "CVE-2021-40142" }, { "date": "2021-08-27T00:00:00", "db": "CNNVD", "id": "CNNVD-202108-2640" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-09-03T00:00:00", "db": "VULHUB", "id": "VHN-397219" }, { "date": "2022-09-03T00:00:00", "db": "VULMON", "id": "CVE-2021-40142" }, { "date": "2022-06-13T08:39:00", "db": "JVNDB", "id": "JVNDB-2021-010007" }, { "date": "2022-09-03T03:54:54.180000", "db": "NVD", "id": "CVE-2021-40142" }, { "date": "2022-05-18T00:00:00", "db": "CNNVD", "id": "CNNVD-202108-2640" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202108-2640" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "OPC\u00a0Foundation\u00a0Local\u00a0Discovery\u00a0Server\u00a0 Buffer error vulnerability in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-010007" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202108-2640" } ], "trust": 0.6 } }
var-201904-0176
Vulnerability from variot
A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V2.7), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions < V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions < V1.1.0), SIMATIC RF600R family (All versions < V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.5 < V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions < V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Upd 4), SINEC NMS (All versions < V1.0 SP1), SINEMA Server (All versions < V14 SP2), SINUMERIK OPC UA Server (All versions < V2.1), TeleControl Server Basic (All versions < V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication. plural Siemens The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Siemens is a leading global technology company that provides solutions to customers in the areas of power generation and transmission and distribution, infrastructure, industrial automation, drive and software with innovation in electrification, automation and digital. Siemens has a denial of service vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens SIMATIC S7-1500 CPU, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 CPU is a CPU (central processing unit) module. SIMATIC S7-1500 is a programmable logic controller. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. The vulnerability stems from the failure of the network system or product to properly validate the input data
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201904-0176", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic wincc runtime advanced", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic net pc software", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic rf188c", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic rf600r", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic ipc diagmonitor", "scope": null, "trust": 1.4, "vendor": "siemens", "version": null }, { "model": "simatic hmi ktp mobile panels ktp700", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp700f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp700f", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic s7-1500f", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "simatic cp443-1 opc ua", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi ktp mobile panels ktp400f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp400f", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp900", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp700", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp900f", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "opc unified architecture", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc runtime mobile", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinumerik opc ua server", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.1" }, { "model": "simatic wincc runtime hsp comfort", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "simatic et 200 open controller cpu 1515sp pc2", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.7" }, { "model": "simatic s7-1500t", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "simatic rf188c", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic s7-1500 software controller", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "simatic s7-1500s", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "2.5" }, { "model": "simatic hmi comfort outdoor panels", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic ipc diagmonitor", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic net pc software", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic wincc runtime comfort", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sinema server", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi comfort outdoor panels", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic wincc oa", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.15-p018" }, { "model": "simatic rf600r", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "simatic hmi ktp mobile panels ktp900", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "simatic hmi ktp mobile panels ktp900f", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "15.1" }, { "model": "sinec-nms", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "1.0" }, { "model": "sinec-nms", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "1.0" }, { "model": "telecontrol server basic", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "3.1.1" }, { "model": "simatic cp 443-1 opc-ua", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic et 200 open controller cpu 1515sp pc2", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 software controller", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc oa", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic s7-1500 cpu family", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=v2.5" }, { "model": "simatic s7-1500 software controller", "scope": "lte", "trust": 0.6, "vendor": "siemens", "version": "\u003c=v2.5" }, { "model": "simatic wincc oa \u003cv3.15-p018", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinema server", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinumerik opc ua server", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v2.1" }, { "model": "telecontrol server basics", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime comfort", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime mobile", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinec-nms", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic cp443-1 opc ua", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic et200 open controller cpu 1515sp pc2", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc runtime hsp comfort", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "telecontrol server basic", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "3.1" }, { "model": "telecontrol server basic sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "3.0" }, { "model": "telecontrol server basic", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "3.0" }, { "model": "sinumerik opc ua server", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinema server", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "sinec-nms", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc runtime mobile", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc runtime hsp comfort", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc runtime comfort", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc runtime advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc oa", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "3.15" }, { "model": "simatic wincc oa 3.14-p021", "scope": null, "trust": 0.3, "vendor": "siemens", "version": null }, { "model": "simatic wincc oa", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "3.14" }, { "model": "simatic wincc oa p002", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "3.12" }, { "model": "simatic wincc oa", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "3.12" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1.7" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2.5" }, { "model": "simatic s7-1500 software controller", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1.8.5" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1.8.3" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1.7" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2.5" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2.0" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1.6" }, { "model": "simatic s7-1500", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "1.5.0" }, { "model": "simatic rf600r", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic rf188c", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic net pc software", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic ipc diagmonitor", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic et200 open controller cpu 1515sp pc2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic cp opc ua", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "443-10" }, { "model": "sinumerik opc ua server", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "2.1" }, { "model": "simatic wincc oa 3.15-p018", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic cp443 1 opc ua", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500s", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500t", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic et 200 open controller cpu 1515sp pc2", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic ipc diagmonitor", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic net pc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf188c", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic rf600r", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500 controller", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc oa", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime advanced", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime comfort", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime hsp comfort", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime mobile", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinec nms", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinema server", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinumerik opc ua server", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "telecontrol server basic", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic s7 1500f", "version": "*" } ], "sources": [ { "db": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc" }, { "db": "CNVD", "id": "CNVD-2019-12905" }, { "db": "BID", "id": "107833" }, { "db": "JVNDB", "id": "JVNDB-2019-003488" }, { "db": "NVD", "id": "CVE-2019-6575" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_cp443-1_opc_ua_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_cp443-1_opc_ua:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_et_200_open_controller_cpu_1515sp_pc2_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_et_200_open_controller_cpu_1515sp_pc2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_ipc_diagmonitor_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_ipc_diagmonitor:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_net_pc_software_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_net_pc_software:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_rf600r_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_rf600r:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "2.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:siemens:sinumerik_opc_ua_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_oa:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.15-p018", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_runtime_comfort:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_runtime_hsp_comfort:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_runtime_mobile:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:sinema_server:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_s7-1500_software_controller:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "2.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:opc_unified_architecture:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:sinec-nms:1.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:telecontrol_server_basic:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.1.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:sinec-nms:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0", "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-1500f_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "2.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-1500f:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-1500s_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "2.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-1500s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_s7-1500t_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "2.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_s7-1500t:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "15.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:upd_1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:upd_2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:upd_3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "15.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:upd_3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:upd_2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:upd_1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "15.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:upd_1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:upd_2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:upd_3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "15.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:upd_1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:upd_2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:upd_3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "15.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:upd_1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:upd_2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:upd_3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "15.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:upd_1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:upd_2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:upd_3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2019-6575" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens,Siemens ProductCERT reported this vulnerability to NCCIC.", "sources": [ { "db": "CNNVD", "id": "CNNVD-201904-462" } ], "trust": 0.6 }, "cve": "CVE-2019-6575", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "impactScore": 6.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 7.8, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2019-6575", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2019-12905", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "VHN-158010", "impactScore": 6.9, "integrityImpact": "NONE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2019-6575", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2019-6575", "trust": 1.8, "value": "HIGH" }, { "author": "CNVD", "id": "CNVD-2019-12905", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201904-462", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc", "trust": 0.2, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-158010", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2019-6575", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc" }, { "db": "CNVD", "id": "CNVD-2019-12905" }, { "db": "VULHUB", "id": "VHN-158010" }, { "db": "VULMON", "id": "CVE-2019-6575" }, { "db": "JVNDB", "id": "JVNDB-2019-003488" }, { "db": "NVD", "id": "CVE-2019-6575" }, { "db": "CNNVD", "id": "CNNVD-201904-462" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V2.7), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions \u003c V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions \u003c V1.1.0), SIMATIC RF600R family (All versions \u003c V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.5 \u003c V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions \u003c V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Upd 4), SINEC NMS (All versions \u003c V1.0 SP1), SINEMA Server (All versions \u003c V14 SP2), SINUMERIK OPC UA Server (All versions \u003c V2.1), TeleControl Server Basic (All versions \u003c V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication. plural Siemens The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Siemens is a leading global technology company that provides solutions to customers in the areas of power generation and transmission and distribution, infrastructure, industrial automation, drive and software with innovation in electrification, automation and digital. Siemens has a denial of service vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens SIMATIC S7-1500 CPU, etc. are all products of German Siemens (Siemens). SIMATIC S7-1500 CPU is a CPU (central processing unit) module. SIMATIC S7-1500 is a programmable logic controller. SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system. The vulnerability stems from the failure of the network system or product to properly validate the input data", "sources": [ { "db": "NVD", "id": "CVE-2019-6575" }, { "db": "JVNDB", "id": "JVNDB-2019-003488" }, { "db": "CNVD", "id": "CNVD-2019-12905" }, { "db": "BID", "id": "107833" }, { "db": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc" }, { "db": "VULHUB", "id": "VHN-158010" }, { "db": "VULMON", "id": "CVE-2019-6575" } ], "trust": 2.79 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-6575", "trust": 3.7 }, { "db": "ICS CERT", "id": "ICSA-19-099-03", "trust": 2.4 }, { "db": "SIEMENS", "id": "SSA-307392", "trust": 1.8 }, { "db": "BID", "id": "107833", "trust": 1.1 }, { "db": "CNNVD", "id": "CNNVD-201904-462", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2019-12905", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2019-003488", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2019.1205", "trust": 0.6 }, { "db": "IVD", "id": "B72B932A-FFE5-40C4-80A7-5E3F71B449FC", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-158010", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2019-6575", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc" }, { "db": "CNVD", "id": "CNVD-2019-12905" }, { "db": "VULHUB", "id": "VHN-158010" }, { "db": "VULMON", "id": "CVE-2019-6575" }, { "db": "BID", "id": "107833" }, { "db": "JVNDB", "id": "JVNDB-2019-003488" }, { "db": "NVD", "id": "CVE-2019-6575" }, { "db": "CNNVD", "id": "CNNVD-201904-462" } ] }, "id": "VAR-201904-0176", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc" }, { "db": "CNVD", "id": "CNVD-2019-12905" }, { "db": "VULHUB", "id": "VHN-158010" } ], "trust": 1.5504856258823527 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS", "Network device" ], "sub_category": null, "trust": 0.6 }, { "category": [ "ICS" ], "sub_category": null, "trust": 0.2 } ], "sources": [ { "db": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc" }, { "db": "CNVD", "id": "CNVD-2019-12905" } ] }, "last_update_date": "2023-12-18T13:13:29.388000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-307392", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf" }, { "title": "SiemensIndustrialProductswithOPCUA denial of service vulnerability patch", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/160239" }, { "title": "Siemens OPC UA Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=91290" }, { "title": "Siemens Security Advisories: Siemens Security Advisory", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=f300e0ed579e6a7eeebba4d6b8703ede" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-12905" }, { "db": "VULMON", "id": "CVE-2019-6575" }, { "db": "JVNDB", "id": "JVNDB-2019-003488" }, { "db": "CNNVD", "id": "CNNVD-201904-462" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-248", "trust": 1.0 }, { "problemtype": "CWE-20", "trust": 0.9 }, { "problemtype": "CWE-755", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-158010" }, { "db": "JVNDB", "id": "JVNDB-2019-003488" }, { "db": "NVD", "id": "CVE-2019-6575" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "https://ics-cert.us-cert.gov/advisories/icsa-19-099-03" }, { "trust": 1.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-6575" }, { "trust": 0.9, "url": "http://www.siemens.com/" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6575" }, { "trust": 0.7, "url": "https://www.securityfocus.com/bid/107833" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/siemens-simatic-denial-of-service-via-opc-ua-4840-tcp-28974" }, { "trust": 0.6, "url": "https://www.us-cert.gov/ics/advisories/icsa-19-099-03" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/78742" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/755.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-19-099-03" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2019-12905" }, { "db": "VULHUB", "id": "VHN-158010" }, { "db": "VULMON", "id": "CVE-2019-6575" }, { "db": "BID", "id": "107833" }, { "db": "JVNDB", "id": "JVNDB-2019-003488" }, { "db": "NVD", "id": "CVE-2019-6575" }, { "db": "CNNVD", "id": "CNNVD-201904-462" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc" }, { "db": "CNVD", "id": "CNVD-2019-12905" }, { "db": "VULHUB", "id": "VHN-158010" }, { "db": "VULMON", "id": "CVE-2019-6575" }, { "db": "BID", "id": "107833" }, { "db": "JVNDB", "id": "JVNDB-2019-003488" }, { "db": "NVD", "id": "CVE-2019-6575" }, { "db": "CNNVD", "id": "CNNVD-201904-462" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-05T00:00:00", "db": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc" }, { "date": "2019-05-05T00:00:00", "db": "CNVD", "id": "CNVD-2019-12905" }, { "date": "2019-04-17T00:00:00", "db": "VULHUB", "id": "VHN-158010" }, { "date": "2019-04-17T00:00:00", "db": "VULMON", "id": "CVE-2019-6575" }, { "date": "2019-04-09T00:00:00", "db": "BID", "id": "107833" }, { "date": "2019-05-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-003488" }, { "date": "2019-04-17T14:29:03.760000", "db": "NVD", "id": "CVE-2019-6575" }, { "date": "2019-04-09T00:00:00", "db": "CNNVD", "id": "CNNVD-201904-462" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-05-07T00:00:00", "db": "CNVD", "id": "CNVD-2019-12905" }, { "date": "2020-10-16T00:00:00", "db": "VULHUB", "id": "VHN-158010" }, { "date": "2022-04-12T00:00:00", "db": "VULMON", "id": "CVE-2019-6575" }, { "date": "2019-04-09T00:00:00", "db": "BID", "id": "107833" }, { "date": "2019-05-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-003488" }, { "date": "2022-10-06T16:40:43.557000", "db": "NVD", "id": "CVE-2019-6575" }, { "date": "2022-08-11T00:00:00", "db": "CNNVD", "id": "CNNVD-201904-462" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201904-462" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens Industrial Products with OPC UA Denial of service vulnerability", "sources": [ { "db": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc" }, { "db": "CNVD", "id": "CNVD-2019-12905" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Input validation error", "sources": [ { "db": "IVD", "id": "b72b932a-ffe5-40c4-80a7-5e3f71b449fc" }, { "db": "CNNVD", "id": "CNNVD-201904-462" } ], "trust": 0.8 } }
var-201611-0180
Vulnerability from variot
A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path ("C:\Program Files*" or the localized equivalent). plural Siemens The product has an installation %PROGRAMFILES% If not using a directory, it is not enclosed in quotes Windows There are vulnerabilities whose privileges are obtained by the search path. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) ,and CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. https://cwe.mitre.org/data/definitions/254.html https://cwe.mitre.org/data/definitions/284.htmlA local user may be able to gain privileges through the Trojan executable. Founded in 1847, Siemens AG of Germany focuses on the fields of electrification, automation and digitization. Siemens is a leader in offshore wind turbine construction, gas turbine and steam turbine power generation, transmission solutions, infrastructure solutions, industrial automation, drive and software solutions, and medical imaging equipment and laboratory diagnostics. There are privilege escalation vulnerabilities in many Siemens products. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201611-0180", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simit", "scope": "eq", "trust": 3.3, "vendor": "siemens", "version": "9.0" }, { "model": "softnet security client", "scope": "eq", "trust": 1.7, "vendor": "siemens", "version": "5.0" }, { "model": "simatic wincc runtime", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc \\", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "sinema remote connect", "scope": "eq", "trust": 1.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.4" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.3, "vendor": "siemens", "version": "7.2" }, { "model": "sinema server", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "13.0" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.1" }, { "model": "simatic wincc \\", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic wincc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "7.0" }, { "model": "simatic net pc software", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "simatic step 7", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "5.5" }, { "model": "telecontrol basic", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "primary setup tool", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.2" }, { "model": "security configuration tool", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.1" }, { "model": "simatic pcs7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.0" }, { "model": "simatic winac rtx 2010", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic step 7 \\", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "14.0" }, { "model": "softnet security client", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "5.0" }, { "model": "simatic winac rtx f 2010", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "7.0" }, { "model": "simatic it production suite", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "simatic pcs", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "78.0" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "78.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.9, "vendor": "siemens", "version": "78.2" }, { "model": "security configuration tool", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic winac rtx f 2010", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "sp2" }, { "model": "simatic it production suite", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "lt", "trust": 0.8, "vendor": "siemens", "version": "7.0 sp3" }, { "model": "simatic winac rtx 2010", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "sp2" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "professional" }, { "model": "simatic pcs 7", "scope": "lte", "trust": 0.8, "vendor": "siemens", "version": "8.2 until" }, { "model": "simatic wincc runtime professional", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.2 to 7.4" }, { "model": "sinema remote connect client", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "7.0 sp3 upd 8" }, { "model": "simatic step 7", "scope": "eq", "trust": 0.8, "vendor": "siemens", "version": "5.x" }, { "model": "primary setup tool", "scope": null, "trust": 0.8, "vendor": "siemens", "version": null }, { "model": null, "scope": "eq", "trust": 0.6, "vendor": "simatic wincc tia portal", "version": "*" }, { "model": "simatic step", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "75.x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.3x" }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.4x" }, { "model": "sinema server", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.2x" }, { "model": "simatic wincc sp2 sp2 upd", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.0\u003c7.012" }, { "model": "simatic wincc sp3 sp3 upd", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7.0\u003c7.08" }, { "model": "simatic net pc-software", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc runtime professional all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic step", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "7\u003c14" }, { "model": "simatic wincc basic", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc comfort", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc advanced", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc professional all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "sinema remote connect client all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic winac rtx sp2 all", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "2010" }, { "model": "simatic winac rtx f sp2 all", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "2010" }, { "model": "simatic it production suite all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "telecontrol server basic sp2", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "3.0" }, { "model": "softnet security client all", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "v5.0" }, { "model": "security configuration tool all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "primary setup tool all", "scope": null, "trust": 0.6, "vendor": "siemens", "version": null }, { "model": "simatic wincc \\", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "14.0" }, { "model": "telecontrol basic", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "3.0" }, { "model": "sinema server", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "13.0" }, { "model": "telecontrol server basic", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "3.0" }, { "model": "sinema server sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v12" }, { "model": "sinema server", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "v12" }, { "model": "sinema server sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12.0" }, { "model": "sinema server", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12.0-" }, { "model": "sinema remote connect client", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc runtime professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc professional", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc comfort", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc basic", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc advanced", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.41" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.32" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.310" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.31" }, { "model": "simatic wincc upd4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.3" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.29" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.28" }, { "model": "simatic wincc update", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.21" }, { "model": "simatic wincc upd4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc upd11", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.2" }, { "model": "simatic wincc sp3", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.0" }, { "model": "simatic wincc sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7.0" }, { "model": "simatic winac rtx f sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2010" }, { "model": "simatic winac rtx sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "2010" }, { "model": "simatic step tia portal sp1 upd1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7v13" }, { "model": "simatic step tia portal sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7v13" }, { "model": "simatic step tia portal", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7v13" }, { "model": "simatic step tia portal", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "7v12" }, { "model": "simatic step sp4 hf4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp4", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp3 hf10", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp3", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp2 hf7", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp1 hf2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic step", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "75.5" }, { "model": "simatic pcs sp1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "78" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77.1" }, { "model": "simatic pcs", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "77" }, { "model": "simatic net pc-software sp2", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic net pc-software hf1", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic net pc-software", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic net pc-software sp2 hf3", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic net pc-software", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "12" }, { "model": "simatic it production suite", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "security configuration tool", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "primary setup tool", "scope": "eq", "trust": 0.3, "vendor": "siemens", "version": "0" }, { "model": "telecontrol server basic sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "3.0" }, { "model": "sinema server sp2", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "13" }, { "model": "simatic wincc comfort", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc basic", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc advanced", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": "simatic wincc sp3 upd", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.08" }, { "model": "simatic wincc sp2 upd", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7.012" }, { "model": "simatic step tia portal", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "7v14" }, { "model": "simatic net pc-software", "scope": "ne", "trust": 0.3, "vendor": "siemens", "version": "14" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "primary setup tool", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "security configuration tool", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic it production suite", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic net pc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "8.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "8.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs7", "version": "8.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic pcs 7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic step 7", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic step 7 tia portal", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic winac rtx 2010", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic winac rtx f 2010", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.2" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.3" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc", "version": "7.4" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc tia portal", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simatic wincc runtime", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "simit", "version": "9.0" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinema remote connect", "version": null }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "sinema server", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "softnet security client", "version": "*" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "telecontrol basic", "version": "*" } ], "sources": [ { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "BID", "id": "94158" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "NVD", "id": "CVE-2016-7165" }, { "db": "CNNVD", "id": "CNNVD-201611-301" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:siemens:security_configuration_tool:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simit:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:sinema_server:*:sp2:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "13.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc_software:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "14.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7:*:sp4:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "5.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "7.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:softnet_security_client:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "5.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:telecontrol_basic:*:sp2:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "14.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:basic:*:*:*", "cpe_name": [], "versionEndIncluding": "14.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:7.0:sp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_it_production_suite:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_winac_rtx_f_2010:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:advanced:*:*:*", "cpe_name": [], "versionEndIncluding": "14.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:comfort:*:*:*", "cpe_name": [], "versionEndIncluding": "14.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc:*:sp2:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "7.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:primary_setup_tool:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_winac_rtx_2010:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:sinema_remote_connect:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):-:*:*:*:professional:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_wincc_runtime:-:*:*:*:professional:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2016-7165" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "WATERSURE and KIANDRA IT", "sources": [ { "db": "BID", "id": "94158" } ], "trust": 0.3 }, "cve": "CVE-2016-7165", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Local", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 6.9, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2016-7165", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "MULTIPLE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 5.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 1.2, "id": "CNVD-2016-10732", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:L/AC:H/Au:M/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "MULTIPLE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 5.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 1.2, "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:L/AC:H/Au:M/C:C/I:C/A:C", "version": "2.9 [IVD]" }, { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "id": "VHN-95985", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "HIGH", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "exploitabilityScore": 0.5, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "High", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 6.4, "baseSeverity": "Medium", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2016-7165", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "High", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2016-7165", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNVD", "id": "CNVD-2016-10732", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201611-301", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88", "trust": 0.2, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-95985", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "VULHUB", "id": "VHN-95985" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "NVD", "id": "CVE-2016-7165" }, { "db": "CNNVD", "id": "CNNVD-201611-301" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in Primary Setup Tool (PST) (All versions \u003c V4.2 HF1), SIMATIC IT Production Suite (All versions \u003c V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions \u003c V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions \u003c V13 SP2), SIMATIC STEP 7 V5.X (All versions \u003c V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions \u003c V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions \u003c V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions \u003c V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions \u003c V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions \u003c V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions \u003c V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1), SIMIT V9.0 (All versions \u003c V9.0 SP1), SINEMA Remote Connect Client (All versions \u003c V1.0 SP3), SINEMA Server (All versions \u003c V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions \u003c V4.3 HF1), TeleControl Server Basic (All versions \u003c V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path (\"C:\\Program Files\\*\" or the localized equivalent). plural Siemens The product has an installation %PROGRAMFILES% If not using a directory, it is not enclosed in quotes Windows There are vulnerabilities whose privileges are obtained by the search path. Supplementary information : CWE Vulnerability type by CWE-254: Security Features ( Security function ) ,and CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. https://cwe.mitre.org/data/definitions/254.html https://cwe.mitre.org/data/definitions/284.htmlA local user may be able to gain privileges through the Trojan executable. Founded in 1847, Siemens AG of Germany focuses on the fields of electrification, automation and digitization. Siemens is a leader in offshore wind turbine construction, gas turbine and steam turbine power generation, transmission solutions, infrastructure solutions, industrial automation, drive and software solutions, and medical imaging equipment and laboratory diagnostics. There are privilege escalation vulnerabilities in many Siemens products. Siemens SIMATIC WinCC, etc. Siemens SIMATIC WinCC is an automated data acquisition and monitoring (SCADA) system; SIMATIC PCS 7 is a distributed process control system using WinCC", "sources": [ { "db": "NVD", "id": "CVE-2016-7165" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "BID", "id": "94158" }, { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "VULHUB", "id": "VHN-95985" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2016-7165", "trust": 3.6 }, { "db": "ICS CERT", "id": "ICSA-16-313-02", "trust": 2.8 }, { "db": "SIEMENS", "id": "SSA-701708", "trust": 1.7 }, { "db": "BID", "id": "94158", "trust": 1.4 }, { "db": "CNNVD", "id": "CNNVD-201611-301", "trust": 0.9 }, { "db": "CNVD", "id": "CNVD-2016-10732", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2016-005899", "trust": 0.8 }, { "db": "IVD", "id": "B4D8EF0B-EEF6-4E09-9B80-86C9B1224D88", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-95985", "trust": 0.1 } ], "sources": [ { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "VULHUB", "id": "VHN-95985" }, { "db": "BID", "id": "94158" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "NVD", "id": "CVE-2016-7165" }, { "db": "CNNVD", "id": "CNNVD-201611-301" } ] }, "id": "VAR-201611-0180", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "VULHUB", "id": "VHN-95985" } ], "trust": 1.5737990596153848 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "CNVD", "id": "CNVD-2016-10732" } ] }, "last_update_date": "2023-12-18T13:09:01.043000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-701708", "trust": 0.8, "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-701708.pdf" }, { "title": "Patch for a number of Siemens products with privilege escalation vulnerability (CNVD-2016-10732)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/83616" }, { "title": "Multiple Siemens Product non-reference Windows Search path vulnerability fixes", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65670" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "CNNVD", "id": "CNNVD-201611-301" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-254", "trust": 1.1 }, { "problemtype": "CWE-284", "trust": 1.1 }, { "problemtype": "CWE-Other", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-95985" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "NVD", "id": "CVE-2016-7165" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.2, "url": "https://ics-cert.us-cert.gov/advisories/icsa-16-313-02" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/94158" }, { "trust": 1.1, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf" }, { "trust": 1.1, "url": "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7165" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7165" }, { "trust": 0.6, "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-701708.pdf" }, { "trust": 0.6, "url": "https://www.us-cert.gov/ics/advisories/icsa-16-313-02" }, { "trust": 0.3, "url": "http://subscriber.communications.siemens.com/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "VULHUB", "id": "VHN-95985" }, { "db": "BID", "id": "94158" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "NVD", "id": "CVE-2016-7165" }, { "db": "CNNVD", "id": "CNNVD-201611-301" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "CNVD", "id": "CNVD-2016-10732" }, { "db": "VULHUB", "id": "VHN-95985" }, { "db": "BID", "id": "94158" }, { "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "db": "NVD", "id": "CVE-2016-7165" }, { "db": "CNNVD", "id": "CNNVD-201611-301" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-11-08T00:00:00", "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "date": "2016-11-08T00:00:00", "db": "CNVD", "id": "CNVD-2016-10732" }, { "date": "2016-11-15T00:00:00", "db": "VULHUB", "id": "VHN-95985" }, { "date": "2016-11-08T00:00:00", "db": "BID", "id": "94158" }, { "date": "2016-11-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "date": "2016-11-15T19:30:02.797000", "db": "NVD", "id": "CVE-2016-7165" }, { "date": "2016-11-16T00:00:00", "db": "CNNVD", "id": "CNNVD-201611-301" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-11-08T00:00:00", "db": "CNVD", "id": "CNVD-2016-10732" }, { "date": "2018-06-15T00:00:00", "db": "VULHUB", "id": "VHN-95985" }, { "date": "2016-11-24T01:08:00", "db": "BID", "id": "94158" }, { "date": "2016-12-08T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-005899" }, { "date": "2018-06-15T01:29:00.310000", "db": "NVD", "id": "CVE-2016-7165" }, { "date": "2019-10-11T00:00:00", "db": "CNNVD", "id": "CNNVD-201611-301" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "BID", "id": "94158" }, { "db": "CNNVD", "id": "CNNVD-201611-301" } ], "trust": 0.9 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural Siemens Vulnerability gained in products", "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-005899" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "IVD", "id": "b4d8ef0b-eef6-4e09-9b80-86c9b1224d88" }, { "db": "CNNVD", "id": "CNNVD-201611-301" } ], "trust": 0.8 } }
var-201801-1635
Vulnerability from variot
A vulnerability has been identified in TeleControl Server Basic < V3.1. An attacker with network access to the TeleControl Server Basic's port 8000/tcp could bypass the authentication mechanism and read limited information. Siemens TeleControl Server Basic is a remote control system for Siemens equipment from Siemens AG. Failed exploit attempts may result in a denial of service condition. This may aid in further attacks
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201801-1635", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "telecontrol server basic", "scope": "lt", "trust": 1.8, "vendor": "siemens", "version": "3.1" }, { "model": "telecontrol server basics", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v3.1" }, { "model": "telecontrol server basic sp2", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "3.0" }, { "model": "telecontrol server basic", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "3.0" }, { "model": "telecontrol server basic", "scope": "ne", "trust": 0.6, "vendor": "siemens", "version": "3.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "telecontrol server basic", "version": "*" } ], "sources": [ { "db": "IVD", "id": "e2e2dc63-39ab-11e9-93ca-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-02348" }, { "db": "BID", "id": "102904" }, { "db": "BID", "id": "102894" }, { "db": "JVNDB", "id": "JVNDB-2018-001581" }, { "db": "NVD", "id": "CVE-2018-4835" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:siemens:telecontrol_server_basic:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.1", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-4835" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The vendor reported this issue.", "sources": [ { "db": "BID", "id": "102904" }, { "db": "BID", "id": "102894" } ], "trust": 0.6 }, "cve": "CVE-2018-4835", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.0, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2018-4835", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CNVD-2018-02348", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "e2e2dc63-39ab-11e9-93ca-000c29342cb1", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.9 [IVD]" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 3.9, "impactScore": 1.4, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.3, "baseSeverity": "Medium", "confidentialityImpact": "Low", "exploitabilityScore": null, "id": "CVE-2018-4835", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-4835", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNVD", "id": "CNVD-2018-02348", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201801-986", "trust": 0.6, "value": "MEDIUM" }, { "author": "IVD", "id": "e2e2dc63-39ab-11e9-93ca-000c29342cb1", "trust": 0.2, "value": "MEDIUM" } ] } ], "sources": [ { "db": "IVD", "id": "e2e2dc63-39ab-11e9-93ca-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-02348" }, { "db": "JVNDB", "id": "JVNDB-2018-001581" }, { "db": "NVD", "id": "CVE-2018-4835" }, { "db": "CNNVD", "id": "CNNVD-201801-986" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in TeleControl Server Basic \u003c V3.1. An attacker with network access to the TeleControl Server Basic\u0027s port 8000/tcp could bypass the authentication mechanism and read limited information. Siemens TeleControl Server Basic is a remote control system for Siemens equipment from Siemens AG. Failed exploit attempts may result in a denial of service condition. This may aid in further attacks", "sources": [ { "db": "NVD", "id": "CVE-2018-4835" }, { "db": "JVNDB", "id": "JVNDB-2018-001581" }, { "db": "CNVD", "id": "CNVD-2018-02348" }, { "db": "BID", "id": "102904" }, { "db": "BID", "id": "102894" }, { "db": "IVD", "id": "e2e2dc63-39ab-11e9-93ca-000c29342cb1" } ], "trust": 2.88 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-4835", "trust": 3.8 }, { "db": "ICS CERT", "id": "ICSA-18-030-02", "trust": 2.0 }, { "db": "BID", "id": "102904", "trust": 1.9 }, { "db": "SIEMENS", "id": "SSA-651454", "trust": 1.9 }, { "db": "BID", "id": "102894", "trust": 1.9 }, { "db": "CNVD", "id": "CNVD-2018-02348", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201801-986", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2018-001581", "trust": 0.8 }, { "db": "IVD", "id": "E2E2DC63-39AB-11E9-93CA-000C29342CB1", "trust": 0.2 } ], "sources": [ { "db": "IVD", "id": "e2e2dc63-39ab-11e9-93ca-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-02348" }, { "db": "BID", "id": "102904" }, { "db": "BID", "id": "102894" }, { "db": "JVNDB", "id": "JVNDB-2018-001581" }, { "db": "NVD", "id": "CVE-2018-4835" }, { "db": "CNNVD", "id": "CNNVD-201801-986" } ] }, "id": "VAR-201801-1635", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "e2e2dc63-39ab-11e9-93ca-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-02348" } ], "trust": 1.8 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "e2e2dc63-39ab-11e9-93ca-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-02348" } ] }, "last_update_date": "2023-12-18T12:02:45.343000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-651454", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-651454.pdf" }, { "title": "Siemens TeleControl Server Basic certification bypasses the patch for the vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/115103" }, { "title": "Siemens TeleControl Server Basic Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=78099" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-02348" }, { "db": "JVNDB", "id": "JVNDB-2018-001581" }, { "db": "CNNVD", "id": "CNNVD-201801-986" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-200", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-001581" }, { "db": "NVD", "id": "CVE-2018-4835" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-030-02" }, { "trust": 1.9, "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf" }, { "trust": 1.6, "url": "http://www.securityfocus.com/bid/102894" }, { "trust": 1.6, "url": "http://www.securityfocus.com/bid/102904" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4835" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4835" }, { "trust": 0.6, "url": "https://support.industry.siemens.com/cs/ww/en/view/109755199" }, { "trust": 0.6, "url": "http://www.siemens.com/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-02348" }, { "db": "BID", "id": "102904" }, { "db": "BID", "id": "102894" }, { "db": "JVNDB", "id": "JVNDB-2018-001581" }, { "db": "NVD", "id": "CVE-2018-4835" }, { "db": "CNNVD", "id": "CNNVD-201801-986" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "e2e2dc63-39ab-11e9-93ca-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-02348" }, { "db": "BID", "id": "102904" }, { "db": "BID", "id": "102894" }, { "db": "JVNDB", "id": "JVNDB-2018-001581" }, { "db": "NVD", "id": "CVE-2018-4835" }, { "db": "CNNVD", "id": "CNNVD-201801-986" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-01-31T00:00:00", "db": "IVD", "id": "e2e2dc63-39ab-11e9-93ca-000c29342cb1" }, { "date": "2018-01-31T00:00:00", "db": "CNVD", "id": "CNVD-2018-02348" }, { "date": "2018-01-30T00:00:00", "db": "BID", "id": "102904" }, { "date": "2018-01-25T00:00:00", "db": "BID", "id": "102894" }, { "date": "2018-02-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-001581" }, { "date": "2018-01-25T14:29:00.320000", "db": "NVD", "id": "CVE-2018-4835" }, { "date": "2018-01-26T00:00:00", "db": "CNNVD", "id": "CNNVD-201801-986" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-01-31T00:00:00", "db": "CNVD", "id": "CNVD-2018-02348" }, { "date": "2018-01-30T00:00:00", "db": "BID", "id": "102904" }, { "date": "2018-01-25T00:00:00", "db": "BID", "id": "102894" }, { "date": "2018-04-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-001581" }, { "date": "2019-10-09T23:41:00.327000", "db": "NVD", "id": "CVE-2018-4835" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201801-986" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "network", "sources": [ { "db": "BID", "id": "102904" }, { "db": "BID", "id": "102894" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens TeleControl Server Basic Authentication Bypass Vulnerability", "sources": [ { "db": "IVD", "id": "e2e2dc63-39ab-11e9-93ca-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-02348" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "information disclosure", "sources": [ { "db": "CNNVD", "id": "CNNVD-201801-986" } ], "trust": 0.6 } }
var-202203-1191
Vulnerability from variot
The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference. OPC Foundation of ua-nodeset For products from other vendors, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202203-1191", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "simatic net pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "16" }, { "model": "simatic net pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "15" }, { "model": "simatic net pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "17" }, { "model": "sitop manager", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "ua-nodeset", "scope": "lt", "trust": 1.0, "vendor": "opcfoundation", "version": "1.05.01" }, { "model": "telecontrol server basic", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "3.0" }, { "model": "simatic net pc", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "14" }, { "model": "telecontrol server basic", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "ua-nodeset", "scope": null, "trust": 0.8, "vendor": "opc", "version": null }, { "model": "simatic net pc", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null }, { "model": "sitop manager", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-018979" }, { "db": "NVD", "id": "CVE-2021-45117" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:opcfoundation:ua-nodeset:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.05.01", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:16:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:15:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:14:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:sitop_manager:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:telecontrol_server_basic:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:simatic_net_pc:17:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2021-45117" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens reported this vulnerability to CISA.", "sources": [ { "db": "CNNVD", "id": "CNNVD-202203-1906" } ], "trust": 0.6 }, "cve": "CVE-2021-45117", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 4.3, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2021-45117", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.8, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 6.5, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2021-45117", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2021-45117", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202203-1906", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2021-45117", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-45117" }, { "db": "JVNDB", "id": "JVNDB-2021-018979" }, { "db": "NVD", "id": "CVE-2021-45117" }, { "db": "CNNVD", "id": "CNNVD-202203-1906" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference. OPC Foundation of ua-nodeset For products from other vendors, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state", "sources": [ { "db": "NVD", "id": "CVE-2021-45117" }, { "db": "JVNDB", "id": "JVNDB-2021-018979" }, { "db": "VULMON", "id": "CVE-2021-45117" } ], "trust": 1.71 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-45117", "trust": 3.3 }, { "db": "SIEMENS", "id": "SSA-285795", "trust": 2.5 }, { "db": "ICS CERT", "id": "ICSA-22-132-08", "trust": 1.5 }, { "db": "JVN", "id": "JVNVU92977068", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2021-018979", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2022.2358", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022051719", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202203-1906", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2021-45117", "trust": 0.1 } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-45117" }, { "db": "JVNDB", "id": "JVNDB-2021-018979" }, { "db": "NVD", "id": "CVE-2021-45117" }, { "db": "CNNVD", "id": "CNNVD-202203-1906" } ] }, "id": "VAR-202203-1191", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.6666667 }, "last_update_date": "2023-12-18T11:56:06.385000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2021-45117 " } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-45117" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-476", "trust": 1.0 }, { "problemtype": "NULL Pointer dereference (CWE-476) [NVD evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-018979" }, { "db": "NVD", "id": "CVE-2021-45117" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://files.opcfoundation.org/securitybulletins/opc%20foundation%20security%20bulletin%20cve-2021-45117.pdf" }, { "trust": 2.5, "url": "https://www.youtube.com/watch?v=qv-rbdcav4k" }, { "trust": 2.5, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu92977068/" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45117" }, { "trust": 0.8, "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-132-08" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/siemens-simatic-denial-of-service-via-opc-ua-ansic-stack-38293" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-132-08" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022051719" }, { "trust": 0.6, "url": "https://cxsecurity.com/cveshow/cve-2021-45117/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.2358" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/476.html" }, { "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2021-45117" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-08" } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-45117" }, { "db": "JVNDB", "id": "JVNDB-2021-018979" }, { "db": "NVD", "id": "CVE-2021-45117" }, { "db": "CNNVD", "id": "CNNVD-202203-1906" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULMON", "id": "CVE-2021-45117" }, { "db": "JVNDB", "id": "JVNDB-2021-018979" }, { "db": "NVD", "id": "CVE-2021-45117" }, { "db": "CNNVD", "id": "CNNVD-202203-1906" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-03-21T00:00:00", "db": "VULMON", "id": "CVE-2021-45117" }, { "date": "2023-07-12T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-018979" }, { "date": "2022-03-21T15:15:07.927000", "db": "NVD", "id": "CVE-2021-45117" }, { "date": "2022-03-21T00:00:00", "db": "CNNVD", "id": "CNNVD-202203-1906" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-09-03T00:00:00", "db": "VULMON", "id": "CVE-2021-45117" }, { "date": "2023-07-12T08:30:00", "db": "JVNDB", "id": "JVNDB-2021-018979" }, { "date": "2022-09-03T03:55:39.127000", "db": "NVD", "id": "CVE-2021-45117" }, { "date": "2022-05-18T00:00:00", "db": "CNNVD", "id": "CNNVD-202203-1906" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-202203-1906" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "OPC\u00a0Foundation\u00a0 of \u00a0ua-nodeset\u00a0 in products from other multiple vendors \u00a0NULL\u00a0 Pointer dereference vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-018979" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "code problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-202203-1906" } ], "trust": 0.6 } }
var-201801-1629
Vulnerability from variot
A vulnerability has been identified in TeleControl Server Basic < V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic's port 8000/tcp could escalate his privileges and perform administrative operations. TeleControl Server Basic Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens TeleControl Server Basic is a remote control system for Siemens equipment from Siemens AG. An attacker can leverage these issues to obtain sensitive information, bypass security restrictions and gain elevated privileges. Failed exploit attempts may result in a denial of service condition
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201801-1629", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "telecontrol server basic", "scope": "lt", "trust": 1.8, "vendor": "siemens", "version": "3.1" }, { "model": "telecontrol server basics", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v3.1" }, { "model": "telecontrol server basic sp2", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "3.0" }, { "model": "telecontrol server basic", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "3.0" }, { "model": "telecontrol server basic", "scope": "ne", "trust": 0.6, "vendor": "siemens", "version": "3.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "telecontrol server basic", "version": "*" } ], "sources": [ { "db": "IVD", "id": "e2e32a80-39ab-11e9-ae20-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-02347" }, { "db": "BID", "id": "102904" }, { "db": "BID", "id": "102897" }, { "db": "JVNDB", "id": "JVNDB-2018-001582" }, { "db": "NVD", "id": "CVE-2018-4836" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:siemens:telecontrol_server_basic:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.1", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-4836" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The vendor reported this issue.", "sources": [ { "db": "BID", "id": "102904" }, { "db": "BID", "id": "102897" } ], "trust": 0.6 }, "cve": "CVE-2018-4836", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "Single", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 6.5, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2018-4836", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "CNVD-2018-02347", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "e2e32a80-39ab-11e9-ae20-000c29342cb1", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.9 [IVD]" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2018-4836", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-4836", "trust": 1.8, "value": "HIGH" }, { "author": "CNVD", "id": "CNVD-2018-02347", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201801-985", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "e2e32a80-39ab-11e9-ae20-000c29342cb1", "trust": 0.2, "value": "HIGH" } ] } ], "sources": [ { "db": "IVD", "id": "e2e32a80-39ab-11e9-ae20-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-02347" }, { "db": "JVNDB", "id": "JVNDB-2018-001582" }, { "db": "NVD", "id": "CVE-2018-4836" }, { "db": "CNNVD", "id": "CNNVD-201801-985" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in TeleControl Server Basic \u003c V3.1. An authenticated attacker with a low-privileged account to the TeleControl Server Basic\u0027s port 8000/tcp could escalate his privileges and perform administrative operations. TeleControl Server Basic Contains vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Siemens TeleControl Server Basic is a remote control system for Siemens equipment from Siemens AG. \nAn attacker can leverage these issues to obtain sensitive information, bypass security restrictions and gain elevated privileges. Failed exploit attempts may result in a denial of service condition", "sources": [ { "db": "NVD", "id": "CVE-2018-4836" }, { "db": "JVNDB", "id": "JVNDB-2018-001582" }, { "db": "CNVD", "id": "CNVD-2018-02347" }, { "db": "BID", "id": "102904" }, { "db": "BID", "id": "102897" }, { "db": "IVD", "id": "e2e32a80-39ab-11e9-ae20-000c29342cb1" } ], "trust": 2.88 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-4836", "trust": 3.8 }, { "db": "BID", "id": "102904", "trust": 1.9 }, { "db": "SIEMENS", "id": "SSA-651454", "trust": 1.9 }, { "db": "BID", "id": "102897", "trust": 1.9 }, { "db": "ICS CERT", "id": "ICSA-18-030-02", "trust": 1.7 }, { "db": "CNVD", "id": "CNVD-2018-02347", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201801-985", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2018-001582", "trust": 0.8 }, { "db": "IVD", "id": "E2E32A80-39AB-11E9-AE20-000C29342CB1", "trust": 0.2 } ], "sources": [ { "db": "IVD", "id": "e2e32a80-39ab-11e9-ae20-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-02347" }, { "db": "BID", "id": "102904" }, { "db": "BID", "id": "102897" }, { "db": "JVNDB", "id": "JVNDB-2018-001582" }, { "db": "NVD", "id": "CVE-2018-4836" }, { "db": "CNNVD", "id": "CNNVD-201801-985" } ] }, "id": "VAR-201801-1629", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "e2e32a80-39ab-11e9-ae20-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-02347" } ], "trust": 1.8 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "e2e32a80-39ab-11e9-ae20-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-02347" } ] }, "last_update_date": "2023-12-18T12:02:45.265000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-651454", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-651454.pdf" }, { "title": "Patch for Siemens TeleControl Server Basic Privilege Escalation Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/115111" }, { "title": "Siemens TeleControl Server Basic Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=78098" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-02347" }, { "db": "JVNDB", "id": "JVNDB-2018-001582" }, { "db": "CNNVD", "id": "CNNVD-201801-985" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "CWE-264", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-001582" }, { "db": "NVD", "id": "CVE-2018-4836" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.9, "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf" }, { "trust": 1.7, "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-030-02" }, { "trust": 1.6, "url": "http://www.securityfocus.com/bid/102897" }, { "trust": 1.6, "url": "http://www.securityfocus.com/bid/102904" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4836" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4836" }, { "trust": 0.6, "url": "https://support.industry.siemens.com/cs/ww/en/view/109755199" }, { "trust": 0.6, "url": "http://www.siemens.com/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-02347" }, { "db": "BID", "id": "102904" }, { "db": "BID", "id": "102897" }, { "db": "JVNDB", "id": "JVNDB-2018-001582" }, { "db": "NVD", "id": "CVE-2018-4836" }, { "db": "CNNVD", "id": "CNNVD-201801-985" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "e2e32a80-39ab-11e9-ae20-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-02347" }, { "db": "BID", "id": "102904" }, { "db": "BID", "id": "102897" }, { "db": "JVNDB", "id": "JVNDB-2018-001582" }, { "db": "NVD", "id": "CVE-2018-4836" }, { "db": "CNNVD", "id": "CNNVD-201801-985" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-01-31T00:00:00", "db": "IVD", "id": "e2e32a80-39ab-11e9-ae20-000c29342cb1" }, { "date": "2018-01-31T00:00:00", "db": "CNVD", "id": "CNVD-2018-02347" }, { "date": "2018-01-30T00:00:00", "db": "BID", "id": "102904" }, { "date": "2018-01-25T00:00:00", "db": "BID", "id": "102897" }, { "date": "2018-02-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-001582" }, { "date": "2018-01-25T14:29:00.380000", "db": "NVD", "id": "CVE-2018-4836" }, { "date": "2018-01-26T00:00:00", "db": "CNNVD", "id": "CNNVD-201801-985" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-01-31T00:00:00", "db": "CNVD", "id": "CNVD-2018-02347" }, { "date": "2018-01-30T00:00:00", "db": "BID", "id": "102904" }, { "date": "2018-01-25T00:00:00", "db": "BID", "id": "102897" }, { "date": "2018-04-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-001582" }, { "date": "2019-10-09T23:41:00.453000", "db": "NVD", "id": "CVE-2018-4836" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201801-985" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "network", "sources": [ { "db": "BID", "id": "102904" }, { "db": "BID", "id": "102897" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "TeleControl Server Basic Vulnerabilities related to authorization, permissions, and access control", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-001582" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "permissions and access control issues", "sources": [ { "db": "CNNVD", "id": "CNNVD-201801-985" } ], "trust": 0.6 } }
var-201801-1630
Vulnerability from variot
A vulnerability has been identified in TeleControl Server Basic < V3.1. An attacker with access to the TeleControl Server Basic's webserver (port 80/tcp or 443/tcp) could cause a Denial-of-Service condition on the web server. The remaining functionality of the TeleControl Server Basic is not affected by the Denial-of-Service condition. TeleControl Server Basic Has unspecified vulnerabilities.Service operation interruption (DoS) There is a possibility of being put into a state. Siemens TeleControl Server Basic is a remote control system for Siemens equipment from Siemens AG. An attacker could exploit the vulnerability to cause a denial of service. An attacker can leverage these issues to obtain sensitive information, bypass security restrictions and gain elevated privileges
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201801-1630", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "telecontrol server basic", "scope": "lt", "trust": 1.8, "vendor": "siemens", "version": "3.1" }, { "model": "telecontrol server basics", "scope": "lt", "trust": 0.6, "vendor": "siemens", "version": "v3.1" }, { "model": "telecontrol server basic sp2", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "3.0" }, { "model": "telecontrol server basic", "scope": "eq", "trust": 0.6, "vendor": "siemens", "version": "3.0" }, { "model": "telecontrol server basic", "scope": "ne", "trust": 0.6, "vendor": "siemens", "version": "3.1" }, { "model": null, "scope": "eq", "trust": 0.2, "vendor": "telecontrol server basic", "version": "*" } ], "sources": [ { "db": "IVD", "id": "e2e2dc65-39ab-11e9-93d6-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-02346" }, { "db": "BID", "id": "102904" }, { "db": "BID", "id": "102819" }, { "db": "JVNDB", "id": "JVNDB-2018-001583" }, { "db": "NVD", "id": "CVE-2018-4837" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:siemens:telecontrol_server_basic:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.1", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-4837" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The vendor reported this issue.", "sources": [ { "db": "BID", "id": "102904" }, { "db": "BID", "id": "102819" } ], "trust": 0.6 }, "cve": "CVE-2018-4837", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 5.0, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2018-4837", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CNVD-2018-02346", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "IVD", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "e2e2dc65-39ab-11e9-93d6-000c29342cb1", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.2, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.9 [IVD]" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.5, "baseSeverity": "High", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2018-4837", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-4837", "trust": 1.8, "value": "HIGH" }, { "author": "CNVD", "id": "CNVD-2018-02346", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201801-984", "trust": 0.6, "value": "HIGH" }, { "author": "IVD", "id": "e2e2dc65-39ab-11e9-93d6-000c29342cb1", "trust": 0.2, "value": "HIGH" } ] } ], "sources": [ { "db": "IVD", "id": "e2e2dc65-39ab-11e9-93d6-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-02346" }, { "db": "JVNDB", "id": "JVNDB-2018-001583" }, { "db": "NVD", "id": "CVE-2018-4837" }, { "db": "CNNVD", "id": "CNNVD-201801-984" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability has been identified in TeleControl Server Basic \u003c V3.1. An attacker with access to the TeleControl Server Basic\u0027s webserver (port 80/tcp or 443/tcp) could cause a Denial-of-Service condition on the web server. The remaining functionality of the TeleControl Server Basic is not affected by the Denial-of-Service condition. TeleControl Server Basic Has unspecified vulnerabilities.Service operation interruption (DoS) There is a possibility of being put into a state. Siemens TeleControl Server Basic is a remote control system for Siemens equipment from Siemens AG. An attacker could exploit the vulnerability to cause a denial of service. \nAn attacker can leverage these issues to obtain sensitive information, bypass security restrictions and gain elevated privileges", "sources": [ { "db": "NVD", "id": "CVE-2018-4837" }, { "db": "JVNDB", "id": "JVNDB-2018-001583" }, { "db": "CNVD", "id": "CNVD-2018-02346" }, { "db": "BID", "id": "102904" }, { "db": "BID", "id": "102819" }, { "db": "IVD", "id": "e2e2dc65-39ab-11e9-93d6-000c29342cb1" } ], "trust": 2.88 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-4837", "trust": 3.8 }, { "db": "ICS CERT", "id": "ICSA-18-030-02", "trust": 2.0 }, { "db": "BID", "id": "102904", "trust": 1.9 }, { "db": "SIEMENS", "id": "SSA-651454", "trust": 1.9 }, { "db": "BID", "id": "102819", "trust": 1.9 }, { "db": "CNVD", "id": "CNVD-2018-02346", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201801-984", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2018-001583", "trust": 0.8 }, { "db": "IVD", "id": "E2E2DC65-39AB-11E9-93D6-000C29342CB1", "trust": 0.2 } ], "sources": [ { "db": "IVD", "id": "e2e2dc65-39ab-11e9-93d6-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-02346" }, { "db": "BID", "id": "102904" }, { "db": "BID", "id": "102819" }, { "db": "JVNDB", "id": "JVNDB-2018-001583" }, { "db": "NVD", "id": "CVE-2018-4837" }, { "db": "CNNVD", "id": "CNNVD-201801-984" } ] }, "id": "VAR-201801-1630", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "IVD", "id": "e2e2dc65-39ab-11e9-93d6-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-02346" } ], "trust": 1.8 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "ICS" ], "sub_category": null, "trust": 0.8 } ], "sources": [ { "db": "IVD", "id": "e2e2dc65-39ab-11e9-93d6-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-02346" } ] }, "last_update_date": "2023-12-18T12:02:45.305000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "SSA-651454", "trust": 0.8, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-651454.pdf" }, { "title": "Siemens TeleControl Server Basic denial of service vulnerability patch", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/115115" }, { "title": "Siemens TeleControl Server Basic Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=78097" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-02346" }, { "db": "JVNDB", "id": "JVNDB-2018-001583" }, { "db": "CNNVD", "id": "CNNVD-201801-984" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2018-4837" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-030-02" }, { "trust": 1.9, "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf" }, { "trust": 1.6, "url": "http://www.securityfocus.com/bid/102819" }, { "trust": 1.6, "url": "http://www.securityfocus.com/bid/102904" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4837" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4837" }, { "trust": 0.6, "url": "https://support.industry.siemens.com/cs/ww/en/view/109755199" }, { "trust": 0.6, "url": "http://www.siemens.com/" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2018-02346" }, { "db": "BID", "id": "102904" }, { "db": "BID", "id": "102819" }, { "db": "JVNDB", "id": "JVNDB-2018-001583" }, { "db": "NVD", "id": "CVE-2018-4837" }, { "db": "CNNVD", "id": "CNNVD-201801-984" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "IVD", "id": "e2e2dc65-39ab-11e9-93d6-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-02346" }, { "db": "BID", "id": "102904" }, { "db": "BID", "id": "102819" }, { "db": "JVNDB", "id": "JVNDB-2018-001583" }, { "db": "NVD", "id": "CVE-2018-4837" }, { "db": "CNNVD", "id": "CNNVD-201801-984" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-01-31T00:00:00", "db": "IVD", "id": "e2e2dc65-39ab-11e9-93d6-000c29342cb1" }, { "date": "2018-01-31T00:00:00", "db": "CNVD", "id": "CNVD-2018-02346" }, { "date": "2018-01-30T00:00:00", "db": "BID", "id": "102904" }, { "date": "2018-01-25T00:00:00", "db": "BID", "id": "102819" }, { "date": "2018-02-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-001583" }, { "date": "2018-01-25T14:29:00.427000", "db": "NVD", "id": "CVE-2018-4837" }, { "date": "2018-01-26T00:00:00", "db": "CNNVD", "id": "CNNVD-201801-984" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-01-31T00:00:00", "db": "CNVD", "id": "CNVD-2018-02346" }, { "date": "2018-01-30T00:00:00", "db": "BID", "id": "102904" }, { "date": "2018-01-25T00:00:00", "db": "BID", "id": "102819" }, { "date": "2018-04-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-001583" }, { "date": "2019-10-09T23:41:00.563000", "db": "NVD", "id": "CVE-2018-4837" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201801-984" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "network", "sources": [ { "db": "BID", "id": "102904" }, { "db": "BID", "id": "102819" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Siemens TeleControl Server Basic Denial of service vulnerability", "sources": [ { "db": "IVD", "id": "e2e2dc65-39ab-11e9-93d6-000c29342cb1" }, { "db": "CNVD", "id": "CNVD-2018-02346" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "lack of information", "sources": [ { "db": "CNNVD", "id": "CNNVD-201801-984" } ], "trust": 0.6 } }
cve-2019-6575
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T20:23:22.041Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "SIMATIC CP 443-1 OPC UA", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.7" } ] }, { "product": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V15.1 Upd 4" } ] }, { "product": "SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V15.1 Upd 4" } ] }, { "product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V15.1 Upd 4" } ] }, { "product": "SIMATIC IPC DiagMonitor", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V5.1.3" } ] }, { "product": "SIMATIC NET PC Software V13", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "product": "SIMATIC NET PC Software V14", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V14 SP1 Update 14" } ] }, { "product": "SIMATIC NET PC Software V15", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions" } ] }, { "product": "SIMATIC RF188C", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.1.0" } ] }, { "product": "SIMATIC RF600R family", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.2.1" } ] }, { "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003e= V2.5 \u003c V2.6.1" } ] }, { "product": "SIMATIC S7-1500 Software Controller", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions between V2.5 (including) and V2.7 (excluding)" } ] }, { "product": "SIMATIC WinCC OA", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.15 P018" } ] }, { "product": "SIMATIC WinCC Runtime Advanced", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V15.1 Upd 4" } ] }, { "product": "SINEC NMS", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V1.0 SP1" } ] }, { "product": "SINEMA Server", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V14 SP2" } ] }, { "product": "SINUMERIK OPC UA Server", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V2.1" } ] }, { "product": "TeleControl Server Basic", "vendor": "Siemens", "versions": [ { "status": "affected", "version": "All versions \u003c V3.1.1" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V2.7), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions \u003c V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions \u003c V1.1.0), SIMATIC RF600R family (All versions \u003c V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.5 \u003c V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions \u003c V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Upd 4), SINEC NMS (All versions \u003c V1.0 SP1), SINEMA Server (All versions \u003c V14 SP2), SINUMERIK OPC UA Server (All versions \u003c V2.1), TeleControl Server Basic (All versions \u003c V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-248", "description": "CWE-248: Uncaught Exception", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-10T11:16:36", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "productcert@siemens.com", "ID": "CVE-2019-6575", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "SIMATIC CP 443-1 OPC UA", "version": { "version_data": [ { "version_value": "All versions" } ] } }, { "product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003c V2.7" } ] } }, { "product_name": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003c V15.1 Upd 4" } ] } }, { "product_name": "SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003c V15.1 Upd 4" } ] } }, { "product_name": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F", "version": { "version_data": [ { "version_value": "All versions \u003c V15.1 Upd 4" } ] } }, { "product_name": "SIMATIC IPC DiagMonitor", "version": { "version_data": [ { "version_value": "All versions \u003c V5.1.3" } ] } }, { "product_name": "SIMATIC NET PC Software V13", "version": { "version_data": [ { "version_value": "All versions" } ] } }, { "product_name": "SIMATIC NET PC Software V14", "version": { "version_data": [ { "version_value": "All versions \u003c V14 SP1 Update 14" } ] } }, { "product_name": "SIMATIC NET PC Software V15", "version": { "version_data": [ { "version_value": "All versions" } ] } }, { "product_name": "SIMATIC RF188C", "version": { "version_data": [ { "version_value": "All versions \u003c V1.1.0" } ] } }, { "product_name": "SIMATIC RF600R family", "version": { "version_data": [ { "version_value": "All versions \u003c V3.2.1" } ] } }, { "product_name": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)", "version": { "version_data": [ { "version_value": "All versions \u003e= V2.5 \u003c V2.6.1" } ] } }, { "product_name": "SIMATIC S7-1500 Software Controller", "version": { "version_data": [ { "version_value": "All versions between V2.5 (including) and V2.7 (excluding)" } ] } }, { "product_name": "SIMATIC WinCC OA", "version": { "version_data": [ { "version_value": "All versions \u003c V3.15 P018" } ] } }, { "product_name": "SIMATIC WinCC Runtime Advanced", "version": { "version_data": [ { "version_value": "All versions \u003c V15.1 Upd 4" } ] } }, { "product_name": "SINEC NMS", "version": { "version_data": [ { "version_value": "All versions \u003c V1.0 SP1" } ] } }, { "product_name": "SINEMA Server", "version": { "version_data": [ { "version_value": "All versions \u003c V14 SP2" } ] } }, { "product_name": "SINUMERIK OPC UA Server", "version": { "version_data": [ { "version_value": "All versions \u003c V2.1" } ] } }, { "product_name": "TeleControl Server Basic", "version": { "version_data": [ { "version_value": "All versions \u003c V3.1.1" } ] } } ] }, "vendor_name": "Siemens" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V2.7), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions \u003c V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions \u003c V1.1.0), SIMATIC RF600R family (All versions \u003c V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.5 \u003c V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions \u003c V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Upd 4), SINEC NMS (All versions \u003c V1.0 SP1), SINEMA Server (All versions \u003c V14 SP2), SINUMERIK OPC UA Server (All versions \u003c V2.1), TeleControl Server Basic (All versions \u003c V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-248: Uncaught Exception" } ] } ] }, "references": { "reference_data": [ { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2019-6575", "datePublished": "2019-04-17T13:40:24", "dateReserved": "2019-01-22T00:00:00", "dateUpdated": "2024-08-04T20:23:22.041Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }