All the vulnerabilites related to siemens - opcenter_quality
cve-2023-46284
Vulnerability from cvelistv5
Published
2023-12-12 11:27
Modified
2025-01-14 10:29
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp and 4004/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Opcenter Execution Foundation |
Version: 0 < V2407 |
||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:45:40.702Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Opcenter Execution Foundation",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2407",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Opcenter Quality",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2312",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS neo",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINEC NMS",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.0 SP1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V14",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V15.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V16",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V17",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V17 Update 8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V18",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V18 Update 3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Opcenter Execution Foundation (All versions \u003c V2407), Opcenter Quality (All versions \u003c V2312), SIMATIC PCS neo (All versions \u003c V4.1), SINEC NMS (All versions \u003c V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions \u003c V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions \u003c V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp and 4004/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T10:29:54.329Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-46284",
"datePublished": "2023-12-12T11:27:15.737Z",
"dateReserved": "2023-10-20T10:29:46.260Z",
"dateUpdated": "2025-01-14T10:29:54.329Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-46282
Vulnerability from cvelistv5
Published
2023-12-12 11:27
Modified
2025-01-14 10:29
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected applications that could allow an attacker to inject arbitrary JavaScript code. The code could be potentially executed later by another (possibly privileged) user.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Opcenter Execution Foundation |
Version: 0 < V2407 |
||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:37:40.314Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Opcenter Execution Foundation",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2407",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Opcenter Quality",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2312",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS neo",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINEC NMS",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.0 SP1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V14",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V15.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V16",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V17",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V17 Update 8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V18",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V18 Update 3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Opcenter Execution Foundation (All versions \u003c V2407), Opcenter Quality (All versions \u003c V2312), SIMATIC PCS neo (All versions \u003c V4.1), SINEC NMS (All versions \u003c V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions \u003c V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions \u003c V18 Update 3). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected applications that could allow an attacker to inject arbitrary JavaScript code. The code could be potentially executed later by another (possibly privileged) user."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T10:29:51.618Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-46282",
"datePublished": "2023-12-12T11:27:13.134Z",
"dateReserved": "2023-10-20T10:29:46.260Z",
"dateUpdated": "2025-01-14T10:29:51.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-46285
Vulnerability from cvelistv5
Published
2023-12-12 11:27
Modified
2025-01-14 10:29
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an improper input validation vulnerability that could allow an attacker to bring the service into a Denial-of-Service state by sending a specifically crafted message to 4004/tcp. The corresponding service is auto-restarted after the crash is detected by a watchdog.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Opcenter Execution Foundation |
Version: 0 < V2407 |
||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:45:40.610Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Opcenter Execution Foundation",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2407",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Opcenter Quality",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2312",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS neo",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINEC NMS",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.0 SP1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V14",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V15.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V16",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V17",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V17 Update 8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V18",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V18 Update 3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Opcenter Execution Foundation (All versions \u003c V2407), Opcenter Quality (All versions \u003c V2312), SIMATIC PCS neo (All versions \u003c V4.1), SINEC NMS (All versions \u003c V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions \u003c V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions \u003c V18 Update 3). The affected application contains an improper input validation vulnerability that could allow an attacker to bring the service into a Denial-of-Service state by sending a specifically crafted message to 4004/tcp. The corresponding service is auto-restarted after the crash is detected by a watchdog."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T10:29:55.697Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-46285",
"datePublished": "2023-12-12T11:27:17.080Z",
"dateReserved": "2023-10-20T10:29:46.260Z",
"dateUpdated": "2025-01-14T10:29:55.697Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-27389
Vulnerability from cvelistv5
Published
2021-04-22 20:42
Modified
2024-08-03 20:48
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Opcenter Quality (All versions < V12.2), QMS Automotive (All versions < V12.30). A private sign key is shipped with the product without adequate protection.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-788287.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Opcenter Quality |
Version: All versions < V12.2 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:48:16.625Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-788287.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Opcenter Quality",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V12.2"
}
]
},
{
"product": "QMS Automotive",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V12.30"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Opcenter Quality (All versions \u003c V12.2), QMS Automotive (All versions \u003c V12.30). A private sign key is shipped with the product without adequate protection."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321: Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-22T20:42:21",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-788287.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-27389",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Opcenter Quality",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V12.2"
}
]
}
},
{
"product_name": "QMS Automotive",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V12.30"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Opcenter Quality (All versions \u003c V12.2), QMS Automotive (All versions \u003c V12.30). A private sign key is shipped with the product without adequate protection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-321: Use of Hard-coded Cryptographic Key"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-788287.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-788287.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2021-27389",
"datePublished": "2021-04-22T20:42:21",
"dateReserved": "2021-02-18T00:00:00",
"dateUpdated": "2024-08-03T20:48:16.625Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-7587
Vulnerability from cvelistv5
Published
2020-07-14 13:18
Modified
2024-08-04 09:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending multiple specially crafted packets to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself. On some cases the vulnerability could leak random information from the remote service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Opcenter Execution Discrete |
Version: All versions < V3.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:19.877Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Opcenter Execution Discrete",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2"
}
]
},
{
"product": "Opcenter Execution Foundation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2"
}
]
},
{
"product": "Opcenter Execution Process",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2"
}
]
},
{
"product": "Opcenter Intelligence",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3"
}
]
},
{
"product": "Opcenter Quality",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V11.3"
}
]
},
{
"product": "Opcenter RD\u0026L",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "V8.0"
}
]
},
{
"product": "SIMATIC IT LMS",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.6"
}
]
},
{
"product": "SIMATIC IT Production Suite",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V8.0"
}
]
},
{
"product": "SIMATIC Notifier Server for Windows",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC PCS neo",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0 SP1"
}
]
},
{
"product": "SIMATIC STEP 7 (TIA Portal) V15",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Update 5"
}
]
},
{
"product": "SIMATIC STEP 7 (TIA Portal) V16",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V16 Update 2"
}
]
},
{
"product": "SIMOCODE ES V15.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Update 4"
}
]
},
{
"product": "SIMOCODE ES V16",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V16 Update 1"
}
]
},
{
"product": "Soft Starter ES V15.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Update 3"
}
]
},
{
"product": "Soft Starter ES V16",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V16 Update 1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Opcenter Execution Discrete (All versions \u003c V3.2), Opcenter Execution Foundation (All versions \u003c V3.2), Opcenter Execution Process (All versions \u003c V3.2), Opcenter Intelligence (All versions \u003c V3.3), Opcenter Quality (All versions \u003c V11.3), Opcenter RD\u0026L (V8.0), SIMATIC IT LMS (All versions \u003c V2.6), SIMATIC IT Production Suite (All versions \u003c V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions \u003c V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions \u003c V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMOCODE ES V15.1 (All versions \u003c V15.1 Update 4), SIMOCODE ES V16 (All versions \u003c V16 Update 1), Soft Starter ES V15.1 (All versions \u003c V15.1 Update 3), Soft Starter ES V16 (All versions \u003c V16 Update 1). Sending multiple specially crafted packets to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself. On some cases the vulnerability could leak random information from the remote service."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-10T11:16:51",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-7587",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Opcenter Execution Discrete",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.2"
}
]
}
},
{
"product_name": "Opcenter Execution Foundation",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.2"
}
]
}
},
{
"product_name": "Opcenter Execution Process",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.2"
}
]
}
},
{
"product_name": "Opcenter Intelligence",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.3"
}
]
}
},
{
"product_name": "Opcenter Quality",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V11.3"
}
]
}
},
{
"product_name": "Opcenter RD\u0026L",
"version": {
"version_data": [
{
"version_value": "V8.0"
}
]
}
},
{
"product_name": "SIMATIC IT LMS",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.6"
}
]
}
},
{
"product_name": "SIMATIC IT Production Suite",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V8.0"
}
]
}
},
{
"product_name": "SIMATIC Notifier Server for Windows",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC PCS neo",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.0 SP1"
}
]
}
},
{
"product_name": "SIMATIC STEP 7 (TIA Portal) V15",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V15.1 Update 5"
}
]
}
},
{
"product_name": "SIMATIC STEP 7 (TIA Portal) V16",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V16 Update 2"
}
]
}
},
{
"product_name": "SIMOCODE ES V15.1",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V15.1 Update 4"
}
]
}
},
{
"product_name": "SIMOCODE ES V16",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V16 Update 1"
}
]
}
},
{
"product_name": "Soft Starter ES V15.1",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V15.1 Update 3"
}
]
}
},
{
"product_name": "Soft Starter ES V16",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V16 Update 1"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Opcenter Execution Discrete (All versions \u003c V3.2), Opcenter Execution Foundation (All versions \u003c V3.2), Opcenter Execution Process (All versions \u003c V3.2), Opcenter Intelligence (All versions \u003c V3.3), Opcenter Quality (All versions \u003c V11.3), Opcenter RD\u0026L (V8.0), SIMATIC IT LMS (All versions \u003c V2.6), SIMATIC IT Production Suite (All versions \u003c V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions \u003c V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions \u003c V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMOCODE ES V15.1 (All versions \u003c V15.1 Update 4), SIMOCODE ES V16 (All versions \u003c V16 Update 1), Soft Starter ES V15.1 (All versions \u003c V15.1 Update 3), Soft Starter ES V16 (All versions \u003c V16 Update 1). Sending multiple specially crafted packets to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself. On some cases the vulnerability could leak random information from the remote service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2020-7587",
"datePublished": "2020-07-14T13:18:05",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-08-04T09:33:19.877Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-46281
Vulnerability from cvelistv5
Published
2023-12-12 11:27
Modified
2025-01-14 10:29
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). When accessing the UMC Web-UI from affected products, UMC uses an overly permissive CORS policy. This could allow an attacker to trick a legitimate user to trigger unwanted behavior.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Opcenter Execution Foundation |
Version: 0 < V2407 |
||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:37:40.334Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46281",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T14:41:24.487753Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T14:41:45.644Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Opcenter Execution Foundation",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2407",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Opcenter Quality",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2312",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS neo",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINEC NMS",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.0 SP1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V14",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V15.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V16",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V17",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V17 Update 8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V18",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V18 Update 3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Opcenter Execution Foundation (All versions \u003c V2407), Opcenter Quality (All versions \u003c V2312), SIMATIC PCS neo (All versions \u003c V4.1), SINEC NMS (All versions \u003c V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions \u003c V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions \u003c V18 Update 3). When accessing the UMC Web-UI from affected products, UMC uses an overly permissive CORS policy. This could allow an attacker to trick a legitimate user to trigger unwanted behavior."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-942",
"description": "CWE-942: Permissive Cross-domain Policy with Untrusted Domains",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T10:29:50.318Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-46281",
"datePublished": "2023-12-12T11:27:11.796Z",
"dateReserved": "2023-10-20T10:29:46.259Z",
"dateUpdated": "2025-01-14T10:29:50.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-33736
Vulnerability from cvelistv5
Published
2022-07-12 10:06
Modified
2024-08-03 08:09
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Opcenter Quality V13.1 (All versions < V13.1.20220624), Opcenter Quality V13.2 (All versions < V13.2.20220624). The affected applications do not properly validate login information during authentication. This could lead to denial of service condition for existing users or allow unauthenticated remote attackers to successfully login without credentials.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-944952.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Opcenter Quality V13.1 |
Version: All versions < V13.1.20220624 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T08:09:22.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944952.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Opcenter Quality V13.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.1.20220624"
}
]
},
{
"product": "Opcenter Quality V13.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.2.20220624"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Opcenter Quality V13.1 (All versions \u003c V13.1.20220624), Opcenter Quality V13.2 (All versions \u003c V13.2.20220624). The affected applications do not properly validate login information during authentication. This could lead to denial of service condition for existing users or allow unauthenticated remote attackers to successfully login without credentials."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-303",
"description": "CWE-303: Incorrect Implementation of Authentication Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-12T10:06:47",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944952.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-33736",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Opcenter Quality V13.1",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V13.1.20220624"
}
]
}
},
{
"product_name": "Opcenter Quality V13.2",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V13.2.20220624"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Opcenter Quality V13.1 (All versions \u003c V13.1.20220624), Opcenter Quality V13.2 (All versions \u003c V13.2.20220624). The affected applications do not properly validate login information during authentication. This could lead to denial of service condition for existing users or allow unauthenticated remote attackers to successfully login without credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-303: Incorrect Implementation of Authentication Algorithm"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-944952.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944952.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-33736",
"datePublished": "2022-07-12T10:06:47",
"dateReserved": "2022-06-15T00:00:00",
"dateUpdated": "2024-08-03T08:09:22.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-7588
Vulnerability from cvelistv5
Published
2020-07-14 13:18
Modified
2024-08-04 09:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Opcenter Execution Discrete |
Version: All versions < V3.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:19.850Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Opcenter Execution Discrete",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2"
}
]
},
{
"product": "Opcenter Execution Foundation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2"
}
]
},
{
"product": "Opcenter Execution Process",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2"
}
]
},
{
"product": "Opcenter Intelligence",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3"
}
]
},
{
"product": "Opcenter Quality",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V11.3"
}
]
},
{
"product": "Opcenter RD\u0026L",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "V8.0"
}
]
},
{
"product": "SIMATIC IT LMS",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.6"
}
]
},
{
"product": "SIMATIC IT Production Suite",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V8.0"
}
]
},
{
"product": "SIMATIC Notifier Server for Windows",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC PCS neo",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0 SP1"
}
]
},
{
"product": "SIMATIC STEP 7 (TIA Portal) V15",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Update 5"
}
]
},
{
"product": "SIMATIC STEP 7 (TIA Portal) V16",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V16 Update 2"
}
]
},
{
"product": "SIMOCODE ES V15.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Update 4"
}
]
},
{
"product": "SIMOCODE ES V16",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V16 Update 1"
}
]
},
{
"product": "Soft Starter ES V15.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Update 3"
}
]
},
{
"product": "Soft Starter ES V16",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V16 Update 1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Opcenter Execution Discrete (All versions \u003c V3.2), Opcenter Execution Foundation (All versions \u003c V3.2), Opcenter Execution Process (All versions \u003c V3.2), Opcenter Intelligence (All versions \u003c V3.3), Opcenter Quality (All versions \u003c V11.3), Opcenter RD\u0026L (V8.0), SIMATIC IT LMS (All versions \u003c V2.6), SIMATIC IT Production Suite (All versions \u003c V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions \u003c V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions \u003c V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMOCODE ES V15.1 (All versions \u003c V15.1 Update 4), SIMOCODE ES V16 (All versions \u003c V16 Update 1), Soft Starter ES V15.1 (All versions \u003c V15.1 Update 3), Soft Starter ES V16 (All versions \u003c V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-10T11:16:56",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-7588",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Opcenter Execution Discrete",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.2"
}
]
}
},
{
"product_name": "Opcenter Execution Foundation",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.2"
}
]
}
},
{
"product_name": "Opcenter Execution Process",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.2"
}
]
}
},
{
"product_name": "Opcenter Intelligence",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.3"
}
]
}
},
{
"product_name": "Opcenter Quality",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V11.3"
}
]
}
},
{
"product_name": "Opcenter RD\u0026L",
"version": {
"version_data": [
{
"version_value": "V8.0"
}
]
}
},
{
"product_name": "SIMATIC IT LMS",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.6"
}
]
}
},
{
"product_name": "SIMATIC IT Production Suite",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V8.0"
}
]
}
},
{
"product_name": "SIMATIC Notifier Server for Windows",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC PCS neo",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.0 SP1"
}
]
}
},
{
"product_name": "SIMATIC STEP 7 (TIA Portal) V15",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V15.1 Update 5"
}
]
}
},
{
"product_name": "SIMATIC STEP 7 (TIA Portal) V16",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V16 Update 2"
}
]
}
},
{
"product_name": "SIMOCODE ES V15.1",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V15.1 Update 4"
}
]
}
},
{
"product_name": "SIMOCODE ES V16",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V16 Update 1"
}
]
}
},
{
"product_name": "Soft Starter ES V15.1",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V15.1 Update 3"
}
]
}
},
{
"product_name": "Soft Starter ES V16",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V16 Update 1"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Opcenter Execution Discrete (All versions \u003c V3.2), Opcenter Execution Foundation (All versions \u003c V3.2), Opcenter Execution Process (All versions \u003c V3.2), Opcenter Intelligence (All versions \u003c V3.3), Opcenter Quality (All versions \u003c V11.3), Opcenter RD\u0026L (V8.0), SIMATIC IT LMS (All versions \u003c V2.6), SIMATIC IT Production Suite (All versions \u003c V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions \u003c V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions \u003c V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMOCODE ES V15.1 (All versions \u003c V15.1 Update 4), SIMOCODE ES V16 (All versions \u003c V16 Update 1), Soft Starter ES V15.1 (All versions \u003c V15.1 Update 3), Soft Starter ES V16 (All versions \u003c V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2020-7588",
"datePublished": "2020-07-14T13:18:05",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-08-04T09:33:19.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-7581
Vulnerability from cvelistv5
Published
2020-07-14 13:18
Modified
2024-08-04 09:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). A component within the affected application calls a helper binary with SYSTEM privileges during startup while the call path is not quoted. This could allow a local attacker with administrative privileges to execute code with SYSTEM level privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Opcenter Execution Discrete |
Version: All versions < V3.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:19.617Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Opcenter Execution Discrete",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2"
}
]
},
{
"product": "Opcenter Execution Foundation",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2"
}
]
},
{
"product": "Opcenter Execution Process",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2"
}
]
},
{
"product": "Opcenter Intelligence",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3"
}
]
},
{
"product": "Opcenter Quality",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V11.3"
}
]
},
{
"product": "Opcenter RD\u0026L",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "V8.0"
}
]
},
{
"product": "SIMATIC Notifier Server for Windows",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC PCS neo",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0 SP1"
}
]
},
{
"product": "SIMATIC STEP 7 (TIA Portal) V15",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Update 5"
}
]
},
{
"product": "SIMATIC STEP 7 (TIA Portal) V16",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V16 Update 2"
}
]
},
{
"product": "SIMOCODE ES V15.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Update 4"
}
]
},
{
"product": "SIMOCODE ES V16",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V16 Update 1"
}
]
},
{
"product": "Soft Starter ES V15.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Update 3"
}
]
},
{
"product": "Soft Starter ES V16",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V16 Update 1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Opcenter Execution Discrete (All versions \u003c V3.2), Opcenter Execution Foundation (All versions \u003c V3.2), Opcenter Execution Process (All versions \u003c V3.2), Opcenter Intelligence (All versions \u003c V3.3), Opcenter Quality (All versions \u003c V11.3), Opcenter RD\u0026L (V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions \u003c V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions \u003c V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMOCODE ES V15.1 (All versions \u003c V15.1 Update 4), SIMOCODE ES V16 (All versions \u003c V16 Update 1), Soft Starter ES V15.1 (All versions \u003c V15.1 Update 3), Soft Starter ES V16 (All versions \u003c V16 Update 1). A component within the affected application calls a helper binary with SYSTEM privileges during startup while the call path is not quoted. This could allow a local attacker with administrative privileges to execute code with SYSTEM level privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428: Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-10T11:16:47",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-7581",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Opcenter Execution Discrete",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.2"
}
]
}
},
{
"product_name": "Opcenter Execution Foundation",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.2"
}
]
}
},
{
"product_name": "Opcenter Execution Process",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.2"
}
]
}
},
{
"product_name": "Opcenter Intelligence",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.3"
}
]
}
},
{
"product_name": "Opcenter Quality",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V11.3"
}
]
}
},
{
"product_name": "Opcenter RD\u0026L",
"version": {
"version_data": [
{
"version_value": "V8.0"
}
]
}
},
{
"product_name": "SIMATIC Notifier Server for Windows",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC PCS neo",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.0 SP1"
}
]
}
},
{
"product_name": "SIMATIC STEP 7 (TIA Portal) V15",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V15.1 Update 5"
}
]
}
},
{
"product_name": "SIMATIC STEP 7 (TIA Portal) V16",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V16 Update 2"
}
]
}
},
{
"product_name": "SIMOCODE ES V15.1",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V15.1 Update 4"
}
]
}
},
{
"product_name": "SIMOCODE ES V16",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V16 Update 1"
}
]
}
},
{
"product_name": "Soft Starter ES V15.1",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V15.1 Update 3"
}
]
}
},
{
"product_name": "Soft Starter ES V16",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V16 Update 1"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Opcenter Execution Discrete (All versions \u003c V3.2), Opcenter Execution Foundation (All versions \u003c V3.2), Opcenter Execution Process (All versions \u003c V3.2), Opcenter Intelligence (All versions \u003c V3.3), Opcenter Quality (All versions \u003c V11.3), Opcenter RD\u0026L (V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions \u003c V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions \u003c V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMOCODE ES V15.1 (All versions \u003c V15.1 Update 4), SIMOCODE ES V16 (All versions \u003c V16 Update 1), Soft Starter ES V15.1 (All versions \u003c V15.1 Update 3), Soft Starter ES V16 (All versions \u003c V16 Update 1). A component within the affected application calls a helper binary with SYSTEM privileges during startup while the call path is not quoted. This could allow a local attacker with administrative privileges to execute code with SYSTEM level privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-428: Unquoted Search Path or Element"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2020-7581",
"datePublished": "2020-07-14T13:18:05",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-08-04T09:33:19.617Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-46283
Vulnerability from cvelistv5
Published
2023-12-12 11:27
Modified
2025-01-14 10:29
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | Opcenter Execution Foundation |
Version: 0 < V2407 |
||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:45:40.675Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Opcenter Execution Foundation",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2407",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Opcenter Quality",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2312",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS neo",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINEC NMS",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.0 SP1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V14",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V15.1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V16",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V17",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V17 Update 8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V18",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V18 Update 3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Opcenter Execution Foundation (All versions \u003c V2407), Opcenter Quality (All versions \u003c V2312), SIMATIC PCS neo (All versions \u003c V4.1), SINEC NMS (All versions \u003c V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions \u003c V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions \u003c V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T10:29:52.922Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-46283",
"datePublished": "2023-12-12T11:27:14.437Z",
"dateReserved": "2023-10-20T10:29:46.260Z",
"dateUpdated": "2025-01-14T10:29:52.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2020-07-14 14:15
Modified
2024-11-21 05:37
Severity ?
Summary
A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:opcenter_execution_discrete:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F33BF89C-F36E-4C8F-ABB9-579E2022DDA6",
"versionEndExcluding": "3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:opcenter_execution_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DCE5E06-B75F-4D21-96CC-70DD373B1811",
"versionEndExcluding": "3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:opcenter_execution_process:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4DD5C57-5877-495C-A01E-747E5DCED9F7",
"versionEndExcluding": "3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9BAFAE-C26A-4435-80C1-508F0A3EF768",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:opcenter_quality:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9DB2F53B-817C-41F3-9B52-85DE702ACCE5",
"versionEndExcluding": "11.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:opcenter_rd\\\u0026l:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE037602-C9E8-45D5-9A44-3B73052F478E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_it_lms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "524AE90C-821A-4864-B3B2-33C083B536CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_it_production_suite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6324685-60ED-44CC-BAEA-3BEEBE681AC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_notifier_server:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "DE74021F-CE57-42CC-8093-E1B0352410FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D61D4B81-7F51-49BE-83DD-D2C28D23B0EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2190AEE1-7EEA-48A9-B6C7-FF4B3A26008E",
"versionEndIncluding": "15.1",
"versionStartIncluding": "15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:16:-:*:*:*:*:*:*",
"matchCriteriaId": "66CB66B9-176E-4FA3-BC67-E7C5972A307C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:16:update_1:*:*:*:*:*:*",
"matchCriteriaId": "4E011D6F-CC5F-4278-80AB-D568730AA041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simocode_es:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE934FDC-666F-4D9D-9C03-2896875F0A0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:soft_starter_es:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA57190F-97BA-4D1D-BC73-F37162B775F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Opcenter Execution Discrete (All versions \u003c V3.2), Opcenter Execution Foundation (All versions \u003c V3.2), Opcenter Execution Process (All versions \u003c V3.2), Opcenter Intelligence (All versions \u003c V3.3), Opcenter Quality (All versions \u003c V11.3), Opcenter RD\u0026L (V8.0), SIMATIC IT LMS (All versions \u003c V2.6), SIMATIC IT Production Suite (All versions \u003c V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions \u003c V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions \u003c V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMOCODE ES V15.1 (All versions \u003c V15.1 Update 4), SIMOCODE ES V16 (All versions \u003c V16 Update 1), Soft Starter ES V15.1 (All versions \u003c V15.1 Update 3), Soft Starter ES V16 (All versions \u003c V16 Update 1). Sending a specially crafted packet to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en Opcenter Execution Discrete (Todas las versiones anteriores a V3.2), Opcenter Execution Foundation (Todas las versiones anteriores a V3.2), Opcenter Execution Process (Todas las versiones anteriores a V3.2), Opcenter Intelligence (Todas las versiones anteriores a V3.3), Opcenter Quality (Todas las versiones anteriores a V11.3), Opcenter RD\u0026amp;L (V8.0), SIMATIC IT LMS (Todas las versiones anteriores a V2.6), SIMATIC IT Production Suite (Todas las versiones anteriores a V8. 0), SIMATIC Notifier Server for Windows (Todas las versiones), SIMATIC PCS neo (Todas las versiones anteriores a V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (Todas las versiones anteriores a V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (Todas las versiones anteriores a V16 Update 2), SIMOCODE ES V15. 1 (Todas las versiones anteriores a V15.1 Update 4), SIMOCODE ES V16 (Todas las versiones anteriores a V16 Update 1), Soft Starter ES V15.1 (Todas las versiones anteriores a V15.1 Update 3), Soft Starter ES V16 (Todas las versiones anteriores a V16 Update 1). El env\u00edo de un paquete especialmente dise\u00f1ado al servicio afectado podr\u00eda causar una denegaci\u00f3n de servicio remota parcial, que har\u00eda que el servicio se reiniciara"
}
],
"id": "CVE-2020-7588",
"lastModified": "2024-11-21T05:37:25.660",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-14T14:15:18.993",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-07-14 14:15
Modified
2024-11-21 05:37
Severity ?
Summary
A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). A component within the affected application calls a helper binary with SYSTEM privileges during startup while the call path is not quoted. This could allow a local attacker with administrative privileges to execute code with SYSTEM level privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:opcenter_execution_discrete:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F33BF89C-F36E-4C8F-ABB9-579E2022DDA6",
"versionEndExcluding": "3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:opcenter_execution_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DCE5E06-B75F-4D21-96CC-70DD373B1811",
"versionEndExcluding": "3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:opcenter_execution_process:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4DD5C57-5877-495C-A01E-747E5DCED9F7",
"versionEndExcluding": "3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9BAFAE-C26A-4435-80C1-508F0A3EF768",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:opcenter_quality:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9DB2F53B-817C-41F3-9B52-85DE702ACCE5",
"versionEndExcluding": "11.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:opcenter_rd\\\u0026l:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE037602-C9E8-45D5-9A44-3B73052F478E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_notifier_server:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "DE74021F-CE57-42CC-8093-E1B0352410FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D61D4B81-7F51-49BE-83DD-D2C28D23B0EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D968D9-2A64-4E1C-824F-6508AEC6789D",
"versionEndExcluding": "16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:16:-:*:*:*:*:*:*",
"matchCriteriaId": "66CB66B9-176E-4FA3-BC67-E7C5972A307C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:16:update1:*:*:*:*:*:*",
"matchCriteriaId": "EF2D6947-576B-4CA7-B4E4-F0B428FA5ABB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simocode_es:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE934FDC-666F-4D9D-9C03-2896875F0A0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:soft_starter_es:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA57190F-97BA-4D1D-BC73-F37162B775F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Opcenter Execution Discrete (All versions \u003c V3.2), Opcenter Execution Foundation (All versions \u003c V3.2), Opcenter Execution Process (All versions \u003c V3.2), Opcenter Intelligence (All versions \u003c V3.3), Opcenter Quality (All versions \u003c V11.3), Opcenter RD\u0026L (V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions \u003c V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions \u003c V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMOCODE ES V15.1 (All versions \u003c V15.1 Update 4), SIMOCODE ES V16 (All versions \u003c V16 Update 1), Soft Starter ES V15.1 (All versions \u003c V15.1 Update 3), Soft Starter ES V16 (All versions \u003c V16 Update 1). A component within the affected application calls a helper binary with SYSTEM privileges during startup while the call path is not quoted. This could allow a local attacker with administrative privileges to execute code with SYSTEM level privileges."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en Opcenter Execution Discrete (Todas las versiones anteriores a V3.2), Opcenter Execution Foundation (Todas las versiones anteriores a V3.2), Opcenter Execution Process (Todas las versiones anteriores a V3.2), Opcenter Intelligence (Todas las versiones anteriores a V3.3), Opcenter Quality (Todas las versiones anteriores a V11.3), Opcenter RD\u0026amp;L (V8.0), SIMATIC Notifier Server for Windows (Todas las versiones), SIMATIC PCS neo (Todas las versiones anteriores a V3. 0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (Todas las versiones anteriores a V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (Todas las versiones anteriores a V16 Update 2), SIMOCODE ES V15.1 (Todas las versiones anteriores a V15.1 Update 4), SIMOCODE ES V16 (Todas las versiones anteriores a V16 Update 1), Soft Starter ES V15.1 (Todas las versiones anteriores a V15.1 Update 3), Soft Starter ES V16 (Todas las versiones anteriores a V16 Update 1). Un componente dentro de la aplicaci\u00f3n afectada llama a un binario de ayuda con privilegios de SISTEMA durante el inicio mientras la ruta de llamada no est\u00e1 citada. Esto podr\u00eda permitir a un atacante local con privilegios administrativos ejecutar c\u00f3digo con privilegios de nivel SYSTEM"
}
],
"id": "CVE-2020-7581",
"lastModified": "2024-11-21T05:37:24.977",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-14T14:15:18.587",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-428"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-428"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-04-22 21:15
Modified
2024-11-21 05:57
Severity ?
Summary
A vulnerability has been identified in Opcenter Quality (All versions < V12.2), QMS Automotive (All versions < V12.30). A private sign key is shipped with the product without adequate protection.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | opcenter_quality | * | |
| siemens | qms_automotive | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:opcenter_quality:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8374434A-5309-4C0D-A768-386CFD1E7523",
"versionEndExcluding": "12.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:qms_automotive:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1103918-45CF-4B0A-B386-8E0B7D0A273E",
"versionEndExcluding": "12.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Opcenter Quality (All versions \u003c V12.2), QMS Automotive (All versions \u003c V12.30). A private sign key is shipped with the product without adequate protection."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en Opcenter Quality (Todas las versiones anteriores a V12.2), QMS Automotive (Todas las versiones anteriores a V12.30).\u0026#xa0;Una clave de se\u00f1al privada es enviada con el producto sin la protecci\u00f3n adecuada"
}
],
"id": "CVE-2021-27389",
"lastModified": "2024-11-21T05:57:53.913",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-04-22T21:15:10.333",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-788287.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-788287.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-321"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-12 10:15
Modified
2024-11-21 07:08
Severity ?
Summary
A vulnerability has been identified in Opcenter Quality V13.1 (All versions < V13.1.20220624), Opcenter Quality V13.2 (All versions < V13.2.20220624). The affected applications do not properly validate login information during authentication. This could lead to denial of service condition for existing users or allow unauthenticated remote attackers to successfully login without credentials.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-944952.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-944952.pdf | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | opcenter_quality | * | |
| siemens | opcenter_quality | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:opcenter_quality:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A15CE102-4776-4D10-8AF2-8F4401AB7797",
"versionEndExcluding": "13.1.20220624",
"versionStartIncluding": "13.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:opcenter_quality:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A01A975E-7898-4E21-AFCA-A786D546D959",
"versionEndExcluding": "13.2.20220624",
"versionStartIncluding": "13.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Opcenter Quality V13.1 (All versions \u003c V13.1.20220624), Opcenter Quality V13.2 (All versions \u003c V13.2.20220624). The affected applications do not properly validate login information during authentication. This could lead to denial of service condition for existing users or allow unauthenticated remote attackers to successfully login without credentials."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en Opcenter Quality V13.1 (Todas las versiones anteriores a V13.1.20220624), Opcenter Quality V13.2 (Todas las versiones anteriores a V13.2.20220624). Las aplicaciones afectadas no comprueban apropiadamente la informaci\u00f3n de inicio de sesi\u00f3n durante la autenticaci\u00f3n. Esto podr\u00eda conllevar a una condici\u00f3n de denegaci\u00f3n de servicio para usuarios existentes o permitir a atacantes remotos no autenticados iniciar sesi\u00f3n con \u00e9xito sin credenciales"
}
],
"id": "CVE-2022-33736",
"lastModified": "2024-11-21T07:08:26.150",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-12T10:15:10.813",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944952.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944952.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-303"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-12 12:15
Modified
2024-11-21 08:28
Severity ?
Summary
A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:opcenter_quality:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D9D89CD-FDA5-42F0-8161-3752C8AED7F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96D49ACA-BF2E-4C89-8168-E4A95D5B22AA",
"versionEndExcluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinumerik_integrate_runmyhmi_\\/automotive:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D882C3C8-EFE7-4DB6-B3E7-6152D7FEB74C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29E53F22-9086-40A2-85E0-20B58EC1E4BB",
"versionEndExcluding": "15",
"versionStartIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F86DBB7-A5C7-43C4-8B64-0B67C90B79A8",
"versionEndExcluding": "16",
"versionStartIncluding": "15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0BCF747-13ED-4AE7-9BE7-37858573AF27",
"versionEndExcluding": "17",
"versionStartIncluding": "16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C83587B9-53E2-4B2F-9FE4-5DDD232571F6",
"versionEndExcluding": "18",
"versionStartIncluding": "17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:-:*:*:*:*:*:*:*",
"matchCriteriaId": "085B0B91-40DE-4328-A28C-1C920A6440D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:18:*:*:*:*:*:*:*",
"matchCriteriaId": "68C7D9A3-9304-4A81-A970-717E5BA1ECF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:18:update_1:*:*:*:*:*:*",
"matchCriteriaId": "6A09C712-871D-4A81-A630-33BC5DF49FE5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Opcenter Execution Foundation (All versions \u003c V2407), Opcenter Quality (All versions \u003c V2312), SIMATIC PCS neo (All versions \u003c V4.1), SINEC NMS (All versions \u003c V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions \u003c V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions \u003c V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en:\nOpcenter Quality (todas las versiones), \nSIMATIC PCS neo (todas las versiones \u0026lt; V4.1), \nSINUMERIK Integrate RunMyHMI /Automotive (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) V14 (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) V15.1 (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) V16 (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) V17 (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) ) V18 (Todas las versiones "
}
],
"id": "CVE-2023-46283",
"lastModified": "2024-11-21T08:28:13.617",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "productcert@siemens.com",
"type": "Primary"
}
]
},
"published": "2023-12-12T12:15:14.067",
"references": [
{
"source": "productcert@siemens.com",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
},
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-12 12:15
Modified
2024-11-21 08:28
Severity ?
Summary
A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp and 4004/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:opcenter_quality:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D9D89CD-FDA5-42F0-8161-3752C8AED7F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96D49ACA-BF2E-4C89-8168-E4A95D5B22AA",
"versionEndExcluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinumerik_integrate_runmyhmi_\\/automotive:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D882C3C8-EFE7-4DB6-B3E7-6152D7FEB74C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29E53F22-9086-40A2-85E0-20B58EC1E4BB",
"versionEndExcluding": "15",
"versionStartIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F86DBB7-A5C7-43C4-8B64-0B67C90B79A8",
"versionEndExcluding": "16",
"versionStartIncluding": "15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0BCF747-13ED-4AE7-9BE7-37858573AF27",
"versionEndExcluding": "17",
"versionStartIncluding": "16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C83587B9-53E2-4B2F-9FE4-5DDD232571F6",
"versionEndExcluding": "18",
"versionStartIncluding": "17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:-:*:*:*:*:*:*:*",
"matchCriteriaId": "085B0B91-40DE-4328-A28C-1C920A6440D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:18:*:*:*:*:*:*:*",
"matchCriteriaId": "68C7D9A3-9304-4A81-A970-717E5BA1ECF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:18:update_1:*:*:*:*:*:*",
"matchCriteriaId": "6A09C712-871D-4A81-A630-33BC5DF49FE5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Opcenter Execution Foundation (All versions \u003c V2407), Opcenter Quality (All versions \u003c V2312), SIMATIC PCS neo (All versions \u003c V4.1), SINEC NMS (All versions \u003c V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions \u003c V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions \u003c V18 Update 3). The affected application contains an out of bounds write past the end of an allocated buffer when handling specific requests on port 4002/tcp and 4004/tcp. This could allow an attacker to crash the application. The corresponding service is auto-restarted after the crash."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en:\nOpcenter Quality (todas las versiones), \nSIMATIC PCS neo (todas las versiones \u0026lt; V4.1), \nSINUMERIK Integrate RunMyHMI /Automotive (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) V14 (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) V15.1 (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) V16 (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) V17 (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) ) V18 (Todas las versiones "
}
],
"id": "CVE-2023-46284",
"lastModified": "2024-11-21T08:28:13.760",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "productcert@siemens.com",
"type": "Primary"
}
]
},
"published": "2023-12-12T12:15:14.273",
"references": [
{
"source": "productcert@siemens.com",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
},
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-12 12:15
Modified
2024-11-21 08:28
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected applications that could allow an attacker to inject arbitrary JavaScript code. The code could be potentially executed later by another (possibly privileged) user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:opcenter_quality:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D9D89CD-FDA5-42F0-8161-3752C8AED7F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96D49ACA-BF2E-4C89-8168-E4A95D5B22AA",
"versionEndExcluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinumerik_integrate_runmyhmi_\\/automotive:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D882C3C8-EFE7-4DB6-B3E7-6152D7FEB74C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29E53F22-9086-40A2-85E0-20B58EC1E4BB",
"versionEndExcluding": "15",
"versionStartIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F86DBB7-A5C7-43C4-8B64-0B67C90B79A8",
"versionEndExcluding": "16",
"versionStartIncluding": "15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0BCF747-13ED-4AE7-9BE7-37858573AF27",
"versionEndExcluding": "17",
"versionStartIncluding": "16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C83587B9-53E2-4B2F-9FE4-5DDD232571F6",
"versionEndExcluding": "18",
"versionStartIncluding": "17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:-:*:*:*:*:*:*:*",
"matchCriteriaId": "085B0B91-40DE-4328-A28C-1C920A6440D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:18:*:*:*:*:*:*:*",
"matchCriteriaId": "68C7D9A3-9304-4A81-A970-717E5BA1ECF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:18:update_1:*:*:*:*:*:*",
"matchCriteriaId": "6A09C712-871D-4A81-A630-33BC5DF49FE5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Opcenter Execution Foundation (All versions \u003c V2407), Opcenter Quality (All versions \u003c V2312), SIMATIC PCS neo (All versions \u003c V4.1), SINEC NMS (All versions \u003c V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions \u003c V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions \u003c V18 Update 3). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected applications that could allow an attacker to inject arbitrary JavaScript code. The code could be potentially executed later by another (possibly privileged) user."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en:\nOpcenter Quality (todas las versiones), \nSIMATIC PCS neo (todas las versiones \u0026lt; V4.1), \nSINUMERIK Integrate RunMyHMI /Automotive (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) V14 (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) V15.1 (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) V16 (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) V17 (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) ) V18 (Todas las versiones "
}
],
"id": "CVE-2023-46282",
"lastModified": "2024-11-21T08:28:13.473",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.5,
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-12T12:15:13.870",
"references": [
{
"source": "productcert@siemens.com",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
},
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-12 12:15
Modified
2024-11-21 08:28
Severity ?
Summary
A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). The affected application contains an improper input validation vulnerability that could allow an attacker to bring the service into a Denial-of-Service state by sending a specifically crafted message to 4004/tcp. The corresponding service is auto-restarted after the crash is detected by a watchdog.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:opcenter_quality:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D9D89CD-FDA5-42F0-8161-3752C8AED7F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96D49ACA-BF2E-4C89-8168-E4A95D5B22AA",
"versionEndExcluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinumerik_integrate_runmyhmi_\\/automotive:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D882C3C8-EFE7-4DB6-B3E7-6152D7FEB74C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29E53F22-9086-40A2-85E0-20B58EC1E4BB",
"versionEndExcluding": "15",
"versionStartIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F86DBB7-A5C7-43C4-8B64-0B67C90B79A8",
"versionEndExcluding": "16",
"versionStartIncluding": "15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0BCF747-13ED-4AE7-9BE7-37858573AF27",
"versionEndExcluding": "17",
"versionStartIncluding": "16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C83587B9-53E2-4B2F-9FE4-5DDD232571F6",
"versionEndExcluding": "18",
"versionStartIncluding": "17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:-:*:*:*:*:*:*:*",
"matchCriteriaId": "085B0B91-40DE-4328-A28C-1C920A6440D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:18:*:*:*:*:*:*:*",
"matchCriteriaId": "68C7D9A3-9304-4A81-A970-717E5BA1ECF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:18:update_1:*:*:*:*:*:*",
"matchCriteriaId": "6A09C712-871D-4A81-A630-33BC5DF49FE5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Opcenter Execution Foundation (All versions \u003c V2407), Opcenter Quality (All versions \u003c V2312), SIMATIC PCS neo (All versions \u003c V4.1), SINEC NMS (All versions \u003c V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions \u003c V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions \u003c V18 Update 3). The affected application contains an improper input validation vulnerability that could allow an attacker to bring the service into a Denial-of-Service state by sending a specifically crafted message to 4004/tcp. The corresponding service is auto-restarted after the crash is detected by a watchdog."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en:\nOpcenter Quality (todas las versiones), \nSIMATIC PCS neo (todas las versiones \u0026lt; V4.1), \nSINUMERIK Integrate RunMyHMI /Automotive (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) V14 (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) V15.1 (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) V16 (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) V17 (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) ) V18 (Todas las versiones "
}
],
"id": "CVE-2023-46285",
"lastModified": "2024-11-21T08:28:13.877",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "productcert@siemens.com",
"type": "Primary"
}
]
},
"published": "2023-12-12T12:15:14.477",
"references": [
{
"source": "productcert@siemens.com",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
},
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-12-12 12:15
Modified
2024-11-21 08:28
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2407), Opcenter Quality (All versions < V2312), SIMATIC PCS neo (All versions < V4.1), SINEC NMS (All versions < V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 3). When accessing the UMC Web-UI from affected products, UMC uses an overly permissive CORS policy. This could allow an attacker to trick a legitimate user to trigger unwanted behavior.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:opcenter_quality:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D9D89CD-FDA5-42F0-8161-3752C8AED7F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96D49ACA-BF2E-4C89-8168-E4A95D5B22AA",
"versionEndExcluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinumerik_integrate_runmyhmi_\\/automotive:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D882C3C8-EFE7-4DB6-B3E7-6152D7FEB74C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29E53F22-9086-40A2-85E0-20B58EC1E4BB",
"versionEndExcluding": "15",
"versionStartIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F86DBB7-A5C7-43C4-8B64-0B67C90B79A8",
"versionEndExcluding": "16",
"versionStartIncluding": "15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0BCF747-13ED-4AE7-9BE7-37858573AF27",
"versionEndExcluding": "17",
"versionStartIncluding": "16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C83587B9-53E2-4B2F-9FE4-5DDD232571F6",
"versionEndExcluding": "18",
"versionStartIncluding": "17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:-:*:*:*:*:*:*:*",
"matchCriteriaId": "085B0B91-40DE-4328-A28C-1C920A6440D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:18:*:*:*:*:*:*:*",
"matchCriteriaId": "68C7D9A3-9304-4A81-A970-717E5BA1ECF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:18:update_1:*:*:*:*:*:*",
"matchCriteriaId": "6A09C712-871D-4A81-A630-33BC5DF49FE5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Opcenter Execution Foundation (All versions \u003c V2407), Opcenter Quality (All versions \u003c V2312), SIMATIC PCS neo (All versions \u003c V4.1), SINEC NMS (All versions \u003c V2.0 SP1), Totally Integrated Automation Portal (TIA Portal) V14 (All versions), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions \u003c V17 Update 8), Totally Integrated Automation Portal (TIA Portal) V18 (All versions \u003c V18 Update 3). When accessing the UMC Web-UI from affected products, UMC uses an overly permissive CORS policy. This could allow an attacker to trick a legitimate user to trigger unwanted behavior."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en:\nOpcenter Quality (todas las versiones), \nSIMATIC PCS neo (todas las versiones \u0026lt; V4.1), \nSINUMERIK Integrate RunMyHMI /Automotive (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) V14 (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) V15.1 (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) V16 (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) V17 (todas las versiones), \nTotally Integrated Automation Portal (TIA Portal) ) V18 (Todas las versiones "
}
],
"id": "CVE-2023-46281",
"lastModified": "2024-11-21T08:28:13.317",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.5,
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-12T12:15:13.653",
"references": [
{
"source": "productcert@siemens.com",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
},
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-999588.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-999588.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-942"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-07-14 14:15
Modified
2024-11-21 05:37
Severity ?
Summary
A vulnerability has been identified in Opcenter Execution Discrete (All versions < V3.2), Opcenter Execution Foundation (All versions < V3.2), Opcenter Execution Process (All versions < V3.2), Opcenter Intelligence (All versions < V3.3), Opcenter Quality (All versions < V11.3), Opcenter RD&L (V8.0), SIMATIC IT LMS (All versions < V2.6), SIMATIC IT Production Suite (All versions < V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMOCODE ES V15.1 (All versions < V15.1 Update 4), SIMOCODE ES V16 (All versions < V16 Update 1), Soft Starter ES V15.1 (All versions < V15.1 Update 3), Soft Starter ES V16 (All versions < V16 Update 1). Sending multiple specially crafted packets to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself. On some cases the vulnerability could leak random information from the remote service.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:opcenter_execution_discrete:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F33BF89C-F36E-4C8F-ABB9-579E2022DDA6",
"versionEndExcluding": "3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:opcenter_execution_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DCE5E06-B75F-4D21-96CC-70DD373B1811",
"versionEndExcluding": "3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:opcenter_execution_process:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4DD5C57-5877-495C-A01E-747E5DCED9F7",
"versionEndExcluding": "3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E927136F-3870-47AD-BE56-C83FBD7BB7E9",
"versionEndExcluding": "3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:opcenter_quality:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9DB2F53B-817C-41F3-9B52-85DE702ACCE5",
"versionEndExcluding": "11.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:opcenter_rd\\\u0026l:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE037602-C9E8-45D5-9A44-3B73052F478E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_it_lms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F8E56A4-77DB-4938-93E5-2CA22222FD6A",
"versionEndExcluding": "2.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_it_production_suite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "218D5A8B-FC2D-440C-B853-35E93A025A6E",
"versionEndExcluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_notifier_server:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "DE74021F-CE57-42CC-8093-E1B0352410FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32A732D2-5E9E-4C8B-93C1-2E0BEBA7B327",
"versionEndExcluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_neo:3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "B275D75A-1869-4660-A1FF-837A9C0F874B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6729BE2B-6729-4041-BC8C-2AD039467B9A",
"versionEndExcluding": "15.1",
"versionStartIncluding": "15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "C470C8EF-BBF5-4940-944E-2460BA6D8A27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:16:-:*:*:*:*:*:*",
"matchCriteriaId": "66CB66B9-176E-4FA3-BC67-E7C5972A307C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:16:update1:*:*:*:*:*:*",
"matchCriteriaId": "EF2D6947-576B-4CA7-B4E4-F0B428FA5ABB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simocode_es:*:*:*:*:*:*:*:*",
"matchCriteriaId": "098E9BE1-D698-4DE5-96C1-DF0B3806C935",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simocode_es:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "8DA3C5DB-8D27-4CDD-AA93-ABE1EE021CAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simocode_es:16:-:*:*:*:*:*:*",
"matchCriteriaId": "8829878A-34E1-44D5-B4BC-12CF67CB58C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:soft_starter_es:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E0C95F-8201-4F04-99A6-62B9684BF35F",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:soft_starter_es:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7039A3C6-5DE3-4980-8A2F-A05928561673",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Opcenter Execution Discrete (All versions \u003c V3.2), Opcenter Execution Foundation (All versions \u003c V3.2), Opcenter Execution Process (All versions \u003c V3.2), Opcenter Intelligence (All versions \u003c V3.3), Opcenter Quality (All versions \u003c V11.3), Opcenter RD\u0026L (V8.0), SIMATIC IT LMS (All versions \u003c V2.6), SIMATIC IT Production Suite (All versions \u003c V8.0), SIMATIC Notifier Server for Windows (All versions), SIMATIC PCS neo (All versions \u003c V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (All versions \u003c V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMOCODE ES V15.1 (All versions \u003c V15.1 Update 4), SIMOCODE ES V16 (All versions \u003c V16 Update 1), Soft Starter ES V15.1 (All versions \u003c V15.1 Update 3), Soft Starter ES V16 (All versions \u003c V16 Update 1). Sending multiple specially crafted packets to the affected service could cause a partial remote denial-of-service, that would cause the service to restart itself. On some cases the vulnerability could leak random information from the remote service."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en Opcenter Execution Discrete (Todas las versiones anteriores a V3.2), Opcenter Execution Foundation (Todas las versiones anteriores a V3.2), Opcenter Execution Process (Todas las versiones anteriores a V3.2), Opcenter Intelligence (Todas las versiones anteriores a V3.3), Opcenter Quality (Todas las versiones anteriores a V11.3), Opcenter RD\u0026amp;L (V8.0), SIMATIC IT LMS (Todas las versiones anteriores a V2.6), SIMATIC IT Production Suite (Todas las versiones anteriores a V8. 0), SIMATIC Notifier Server for Windows (Todas las versiones), SIMATIC PCS neo (Todas las versiones anteriores a V3.0 SP1), SIMATIC STEP 7 (TIA Portal) V15 (Todas las versiones anteriores a V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (Todas las versiones anteriores a V16 Update 2), SIMOCODE ES V15. 1 (Todas las versiones anteriores a V15.1 Update 4), SIMOCODE ES V16 (Todas las versiones anteriores a V16 Update 1), Soft Starter ES V15.1 (Todas las versiones anteriores a V15.1 Update 3), Soft Starter ES V16 (Todas las versiones anteriores a V16 Update 1). El env\u00edo de m\u00faltiples paquetes especialmente dise\u00f1ados al servicio afectado podr\u00eda causar una denegaci\u00f3n de servicio remota parcial, que har\u00eda que el servicio se reiniciara. En algunos casos la vulnerabilidad podr\u00eda filtrar informaci\u00f3n aleatoria del servicio remoto"
}
],
"id": "CVE-2020-7587",
"lastModified": "2024-11-21T05:37:25.533",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-14T14:15:18.930",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-841348.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}