Search criteria

45 vulnerabilities found for simatic_hmi_ktp_mobile_panels_ktp400f_firmware by siemens

FKIE_CVE-2021-27384

Vulnerability from fkie_nvd - Published: 2021-05-12 14:15 - Updated: 2024-11-21 05:57
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdfPatch, Vendor Advisory
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfPatch, Vendor Advisory
productcert@siemens.comhttps://us-cert.cisa.gov/ics/advisories/icsa-21-131-11Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdfPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens sinamics_sh150_firmware *
siemens sinamics_sh150 -
siemens sinamics_sm150i_firmware *
siemens sinamics_sm150i -
siemens sinamics_gh150_firmware *
siemens sinamics_gh150 -
siemens sinamics_gl150_firmware *
siemens sinamics_gl150 -
siemens sinamics_gm150_firmware *
siemens sinamics_gm150 -
siemens sinamics_sl150_firmware *
siemens sinamics_sl150 -
siemens sinamics_sm120_firmware *
siemens sinamics_sm120 -
siemens sinamics_sm150_firmware *
siemens sinamics_sm150 -
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0891D85-C5F4-4CD2-8EFA-84356CE36654",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "E0005A53-33AD-47AF-B172-CAF423DE213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "9696B0D9-5A66-4747-9437-791EAC150DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "F6AC2BA5-1668-4B71-8812-925AC6554F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "047D0868-3DA6-41CF-A6F9-D15668D536FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F1FAFD2-1E4D-44F3-87A1-8A1380B980BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC7AA8D-9046-4111-A263-38343997F984",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150i_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6067521-A21D-4B2A-AFB2-2E033F66B63E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A44DEAD8-8DB8-41CC-9495-B842BE76EA8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BF9157D-0089-4569-9AA1-4DEE94140D25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF977545-395A-4C34-BB22-A1047B5B6E85",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D780400-0AA8-449C-B754-7167CA878D3D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DED7F33B-D475-4232-8683-48554A6729F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61CD50EE-6C46-445E-8D46-82768CAAC305",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD76CFB0-B5D7-40DC-8D14-FC9C9BACF3CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E032554B-7F51-4482-AF55-743FFB5AC352",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6619B0F-7CDC-40A6-89B2-C6067AF45214",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm120_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFE3048-EEB0-48A0-BED0-8647284B022B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444DD77F-DB65-4766-A89D-7A679B4CA1E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B7E1DE-61B5-4CFC-8640-EB8029CD79D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE231E2-2B2B-407A-BF7A-9EA35F394229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "244D9B27-649C-4983-B374-6A8774771AC5",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "A2530BB3-484C-4D24-82F6-15967C8B7B32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A1FACE-E693-4FDA-944D-0B7F500007B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7FB4AA4-1F48-4A25-AA21-5F867A38D23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "6A673BD0-96B5-48CA-B060-A5D01687A764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "428B633D-55FF-4DB8-B6DD-5E4EEE52A44C",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A64DD-22A2-4260-929F-7595CD037823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "9756D206-E295-4B0C-B159-F9A953342E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "82D6FBBF-FD9B-4AFA-B3E1-8E3341948A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D43D2191-DBBD-4F7A-B02A-3DCEE46BF904",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "23C6AD3C-C15B-4B67-88D1-236C10BB12CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE4201E-E660-4B3E-91EC-B6A7DC35C189",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2D6D924-858A-4542-BCD0-A5631F941039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "309E4D56-6D39-4E8F-8312-FF178B721392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EDB63639-3101-4F60-8193-EF219D99C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4C6C83EE-3DC7-4CB3-8148-CB24A825274E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6C72B0-17D7-491E-816A-AF855166A90B",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "322584EF-72C0-4032-A02B-FDFFDCCE3FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5F1BA-2BEA-40A9-8D5B-A612D467C40C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D14DE5C7-318A-4D08-BB39-1E43F624816A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "FCDAF23F-9272-4DC5-8D46-37FAC08950CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FB0305-DF87-42FF-BACA-E8255EA74AA9",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BAA5B299-A45A-4918-AB8F-03A476CEDA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0C29FD64-C041-4269-BC52-8F91321BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7182C6C0-7DAD-4446-B14E-8EF46FB0CFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F972-26AF-4A6E-AAD9-B30EBDF52465",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B8F3D-5E02-4F0F-9927-9D7C336EBE56",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "845C78A9-AE0F-42B9-9E25-47F541DF5196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B23096F5-3546-41D8-BE30-8698BC0C9B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7C5AF13-69FF-444F-B84A-130D7413B307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "66A17FC6-B6AE-4915-8069-68B41F3C87E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C618736-1382-4515-A295-6EC67A2731EA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AD5A8-768E-4747-AD89-B924D369565E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FD1E4-4A01-4BFB-9D2A-5A030C37BD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5C3DC-E67F-4773-B32C-6B362C94BCBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "C96C7676-9A0D-46B5-9C49-5F5CE873E2C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF42C3EA-84A5-4419-ACBA-6A2F8DB994E2",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "105CCE4B-D8F9-43EA-9089-CEE16A410751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "7C163E7E-C9E3-4FBD-885A-C2E7FB8B845F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3DD84-BDAC-4583-BD61-799A5F01A5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F6758-0B36-4546-A7A7-A4C71B63772E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A613F7-4EA4-40FF-931F-EF3C477300DA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "4B048552-A26D-419E-9EEA-9AFD9457B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0E4E1016-F217-4B75-83D7-F73B1C5A54F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EF2F6982-2C38-4F9B-87A4-AE4404197B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "7745AA84-BC12-4DBD-90A6-DA294EADB7BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CFFD89-1FF2-4F25-A5AB-D6FF8F721132",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA4B198A-8288-459D-9586-CD402DE23023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FDB83-702A-41D5-B2A5-BDA58B7E13D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D972823A-1128-4222-8910-9CA3D38B472F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A05007D7-3C49-4192-ABDF-FE94BA7FD1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "869AD837-79B1-4F76-947B-7DCAD172BDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "5C152EB8-A13A-4F16-994A-B6D93A017CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F38FBA-7D23-4CB2-9A2D-45616E2A2DFB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "553C9A57-A9D2-47F9-ABA8-042B05DE46C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "8F5F3B33-2A82-4CDF-A678-76DE13F256D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "9FE49F2D-B904-4E48-AAFD-669141B570F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "729F784C-9AC0-4231-A75A-1FA8373FA31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "FA61AC05-061D-4EE7-BFEF-568F30B9B883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "374BAF2F-0A32-4F1A-B838-894F9E9D3E0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C636FCD-78AE-4FA2-95E5-2BBD5A88DA68",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "FDE42199-9152-41A3-BE56-E6789315CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "040F990F-F3C2-46EF-9E40-FD136A19575F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "748BFFBC-56BD-42EC-9B5F-0752D2A70D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B37490B0-A214-4A62-9B67-934048921C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "3D7B9F45-5749-4F36-961D-6C5D650ADA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F544593D-368B-4EC1-8448-8C2BA1301216",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D26D9F-7081-42B2-8AE4-D04E8429B88D",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F902732-9944-4821-BCFB-9937D1301FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B0C061AC-3E64-4667-A0E7-DD58B2E5A014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "3EECF743-25E8-4483-AA68-B304B38A9290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2F557157-AAD6-4601-84C2-2F8574F23683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A6BF6644-AF29-4541-9D6A-D07D0CC026F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "C4FD5396-8094-4DD0-BE7B-0FB6CC6D45F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5B130C2-28B8-464C-981C-B5662B4B4309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "79407355-4181-4082-A661-C27734D95363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "8989C7D4-5246-443E-B6E4-8E91462B2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "2BFBC5B2-B00B-4FCD-86B1-A187122035AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B47671A7-A8DB-4DA2-9076-78708C7F1C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F36ABC58-C9FE-4F4A-AB81-26D48A79FFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "A87DD9FF-9CA3-4AE2-8C86-C30A779E0CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "891AF48F-1F4D-4AB8-AE66-FBABDD2CAA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5052CB07-626A-46C4-8966-B8C9325A3BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "6CD47CC7-1414-42C9-94C6-9DBC2C1D9CBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "81CE70BF-EBBE-4CD7-999C-25662670EFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "034B7CFC-1234-4914-8C84-7E5BD5FB6E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "221EB3AE-1420-46F8-9EAD-1914503B0435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5F9A416C-277F-44B0-A74C-263CB0C37D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "FA858127-69A0-4280-80A8-65E0778A90AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A35D0B0C-695D-4274-8B9E-69ED20B62585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "FE9C9981-BA54-48BB-A89D-3CA06C7E17C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "EA400339-123F-494A-8CD8-7232281E7D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "C8E943A5-E35C-4CFA-8998-A74385C8740B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F4D7038E-C705-4FB9-A2D3-82FFC8EE80CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AA0728BD-F463-456C-A6EB-9FF2FD42AA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0B884-C99A-4854-992F-8588840CC296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04BA4916-5693-4915-B4D7-29D97FA02474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "DC588CE7-1F9D-43EF-A478-C23C8D909685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "2DE08529-E210-48C1-A7C3-D2D316902A40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "8104E528-ED7D-451E-8834-057295A7FF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0AF02DF4-7190-4F6C-8F15-37581FFC9B86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (Todas las versiones anteriores a V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (Todas las versiones anteriores a V16 Update 4), SINAMICS GH150 (Todas las versiones anteriores), SINAMICS GL150 (with option X30) (Todas las versiones anteriores), SINAMICS GM150 (with option X30) (Todas las versiones anteriores), SINAMICS SH150 (Todas las versiones anteriores), SINAMICS SL150 (Todas las versiones anteriores), SINAMICS SM120 (Todas las versiones anteriores), SINAMICS SM150 (Todas las versiones anteriores), SINAMICS SM150i (Todas las versiones anteriores). SmartVNC tiene una vulnerabilidad de acceso a memoria fuera de l\u00edmites en el manejador de dise\u00f1o del dispositivo, representado por un flujo de datos binarios en el lado del cliente, que potencialmente puede resultar en la ejecuci\u00f3n de c\u00f3digo"
    }
  ],
  "id": "CVE-2021-27384",
  "lastModified": "2024-11-21T05:57:53.230",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-12T14:15:11.677",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-788"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2021-25660

Vulnerability from fkie_nvd - Published: 2021-05-12 14:15 - Updated: 2024-11-21 05:55
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfPatch, Vendor Advisory
Impacted products
Vendor Product Version
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "244D9B27-649C-4983-B374-6A8774771AC5",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "A2530BB3-484C-4D24-82F6-15967C8B7B32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A1FACE-E693-4FDA-944D-0B7F500007B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7FB4AA4-1F48-4A25-AA21-5F867A38D23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "6A673BD0-96B5-48CA-B060-A5D01687A764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "428B633D-55FF-4DB8-B6DD-5E4EEE52A44C",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A64DD-22A2-4260-929F-7595CD037823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "9756D206-E295-4B0C-B159-F9A953342E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "82D6FBBF-FD9B-4AFA-B3E1-8E3341948A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D43D2191-DBBD-4F7A-B02A-3DCEE46BF904",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "23C6AD3C-C15B-4B67-88D1-236C10BB12CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE4201E-E660-4B3E-91EC-B6A7DC35C189",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2D6D924-858A-4542-BCD0-A5631F941039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "309E4D56-6D39-4E8F-8312-FF178B721392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EDB63639-3101-4F60-8193-EF219D99C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4C6C83EE-3DC7-4CB3-8148-CB24A825274E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6C72B0-17D7-491E-816A-AF855166A90B",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "322584EF-72C0-4032-A02B-FDFFDCCE3FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5F1BA-2BEA-40A9-8D5B-A612D467C40C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D14DE5C7-318A-4D08-BB39-1E43F624816A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "FCDAF23F-9272-4DC5-8D46-37FAC08950CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FB0305-DF87-42FF-BACA-E8255EA74AA9",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BAA5B299-A45A-4918-AB8F-03A476CEDA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0C29FD64-C041-4269-BC52-8F91321BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7182C6C0-7DAD-4446-B14E-8EF46FB0CFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F972-26AF-4A6E-AAD9-B30EBDF52465",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B8F3D-5E02-4F0F-9927-9D7C336EBE56",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "845C78A9-AE0F-42B9-9E25-47F541DF5196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B23096F5-3546-41D8-BE30-8698BC0C9B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7C5AF13-69FF-444F-B84A-130D7413B307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "66A17FC6-B6AE-4915-8069-68B41F3C87E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C618736-1382-4515-A295-6EC67A2731EA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AD5A8-768E-4747-AD89-B924D369565E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FD1E4-4A01-4BFB-9D2A-5A030C37BD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5C3DC-E67F-4773-B32C-6B362C94BCBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "C96C7676-9A0D-46B5-9C49-5F5CE873E2C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF42C3EA-84A5-4419-ACBA-6A2F8DB994E2",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "105CCE4B-D8F9-43EA-9089-CEE16A410751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "7C163E7E-C9E3-4FBD-885A-C2E7FB8B845F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3DD84-BDAC-4583-BD61-799A5F01A5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F6758-0B36-4546-A7A7-A4C71B63772E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A613F7-4EA4-40FF-931F-EF3C477300DA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "4B048552-A26D-419E-9EEA-9AFD9457B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0E4E1016-F217-4B75-83D7-F73B1C5A54F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EF2F6982-2C38-4F9B-87A4-AE4404197B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "7745AA84-BC12-4DBD-90A6-DA294EADB7BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0891D85-C5F4-4CD2-8EFA-84356CE36654",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "E0005A53-33AD-47AF-B172-CAF423DE213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "9696B0D9-5A66-4747-9437-791EAC150DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "F6AC2BA5-1668-4B71-8812-925AC6554F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "047D0868-3DA6-41CF-A6F9-D15668D536FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CFFD89-1FF2-4F25-A5AB-D6FF8F721132",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA4B198A-8288-459D-9586-CD402DE23023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FDB83-702A-41D5-B2A5-BDA58B7E13D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D972823A-1128-4222-8910-9CA3D38B472F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A05007D7-3C49-4192-ABDF-FE94BA7FD1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "869AD837-79B1-4F76-947B-7DCAD172BDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "5C152EB8-A13A-4F16-994A-B6D93A017CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F38FBA-7D23-4CB2-9A2D-45616E2A2DFB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "553C9A57-A9D2-47F9-ABA8-042B05DE46C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "8F5F3B33-2A82-4CDF-A678-76DE13F256D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "9FE49F2D-B904-4E48-AAFD-669141B570F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "729F784C-9AC0-4231-A75A-1FA8373FA31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "FA61AC05-061D-4EE7-BFEF-568F30B9B883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "374BAF2F-0A32-4F1A-B838-894F9E9D3E0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C636FCD-78AE-4FA2-95E5-2BBD5A88DA68",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "FDE42199-9152-41A3-BE56-E6789315CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "040F990F-F3C2-46EF-9E40-FD136A19575F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "748BFFBC-56BD-42EC-9B5F-0752D2A70D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B37490B0-A214-4A62-9B67-934048921C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "3D7B9F45-5749-4F36-961D-6C5D650ADA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F544593D-368B-4EC1-8448-8C2BA1301216",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D26D9F-7081-42B2-8AE4-D04E8429B88D",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F902732-9944-4821-BCFB-9937D1301FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B0C061AC-3E64-4667-A0E7-DD58B2E5A014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "3EECF743-25E8-4483-AA68-B304B38A9290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2F557157-AAD6-4601-84C2-2F8574F23683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A6BF6644-AF29-4541-9D6A-D07D0CC026F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "C4FD5396-8094-4DD0-BE7B-0FB6CC6D45F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5B130C2-28B8-464C-981C-B5662B4B4309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "79407355-4181-4082-A661-C27734D95363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "8989C7D4-5246-443E-B6E4-8E91462B2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "2BFBC5B2-B00B-4FCD-86B1-A187122035AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B47671A7-A8DB-4DA2-9076-78708C7F1C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F36ABC58-C9FE-4F4A-AB81-26D48A79FFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "A87DD9FF-9CA3-4AE2-8C86-C30A779E0CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "891AF48F-1F4D-4AB8-AE66-FBABDD2CAA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5052CB07-626A-46C4-8966-B8C9325A3BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "6CD47CC7-1414-42C9-94C6-9DBC2C1D9CBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "81CE70BF-EBBE-4CD7-999C-25662670EFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "034B7CFC-1234-4914-8C84-7E5BD5FB6E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "221EB3AE-1420-46F8-9EAD-1914503B0435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5F9A416C-277F-44B0-A74C-263CB0C37D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "FA858127-69A0-4280-80A8-65E0778A90AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A35D0B0C-695D-4274-8B9E-69ED20B62585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "FE9C9981-BA54-48BB-A89D-3CA06C7E17C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "EA400339-123F-494A-8CD8-7232281E7D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "C8E943A5-E35C-4CFA-8998-A74385C8740B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F4D7038E-C705-4FB9-A2D3-82FFC8EE80CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AA0728BD-F463-456C-A6EB-9FF2FD42AA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0B884-C99A-4854-992F-8588840CC296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04BA4916-5693-4915-B4D7-29D97FA02474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "DC588CE7-1F9D-43EF-A478-C23C8D909685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "2DE08529-E210-48C1-A7C3-D2D316902A40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "8104E528-ED7D-451E-8834-057295A7FF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0AF02DF4-7190-4F6C-8F15-37581FFC9B86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Outdoor Panels V15 7\\\" y 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (Todas las versiones anteriores a V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (Todas las versiones anteriores a V16 Update 4). SmartVNC presenta una vulnerabilidad de acceso a la memoria fuera de l\u00edmites que podr\u00eda ser desencadenada en el lado del servidor al enviar datos desde el cliente, lo que podr\u00eda resultar en una condici\u00f3n de Denegaci\u00f3n de Servicio"
    }
  ],
  "id": "CVE-2021-25660",
  "lastModified": "2024-11-21T05:55:14.307",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-12T14:15:11.253",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-788"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

FKIE_CVE-2021-25662

Vulnerability from fkie_nvd - Published: 2021-05-12 14:15 - Updated: 2024-11-21 05:55
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfVendor Advisory
productcert@siemens.comhttps://us-cert.cisa.gov/ics/advisories/icsa-21-131-12Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0891D85-C5F4-4CD2-8EFA-84356CE36654",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "E0005A53-33AD-47AF-B172-CAF423DE213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "9696B0D9-5A66-4747-9437-791EAC150DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "F6AC2BA5-1668-4B71-8812-925AC6554F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "047D0868-3DA6-41CF-A6F9-D15668D536FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "244D9B27-649C-4983-B374-6A8774771AC5",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "A2530BB3-484C-4D24-82F6-15967C8B7B32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A1FACE-E693-4FDA-944D-0B7F500007B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7FB4AA4-1F48-4A25-AA21-5F867A38D23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "6A673BD0-96B5-48CA-B060-A5D01687A764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "428B633D-55FF-4DB8-B6DD-5E4EEE52A44C",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A64DD-22A2-4260-929F-7595CD037823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "9756D206-E295-4B0C-B159-F9A953342E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "82D6FBBF-FD9B-4AFA-B3E1-8E3341948A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D43D2191-DBBD-4F7A-B02A-3DCEE46BF904",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "23C6AD3C-C15B-4B67-88D1-236C10BB12CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE4201E-E660-4B3E-91EC-B6A7DC35C189",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2D6D924-858A-4542-BCD0-A5631F941039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "309E4D56-6D39-4E8F-8312-FF178B721392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EDB63639-3101-4F60-8193-EF219D99C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4C6C83EE-3DC7-4CB3-8148-CB24A825274E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6C72B0-17D7-491E-816A-AF855166A90B",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "322584EF-72C0-4032-A02B-FDFFDCCE3FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5F1BA-2BEA-40A9-8D5B-A612D467C40C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D14DE5C7-318A-4D08-BB39-1E43F624816A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "FCDAF23F-9272-4DC5-8D46-37FAC08950CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FB0305-DF87-42FF-BACA-E8255EA74AA9",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BAA5B299-A45A-4918-AB8F-03A476CEDA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0C29FD64-C041-4269-BC52-8F91321BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7182C6C0-7DAD-4446-B14E-8EF46FB0CFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F972-26AF-4A6E-AAD9-B30EBDF52465",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B8F3D-5E02-4F0F-9927-9D7C336EBE56",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "845C78A9-AE0F-42B9-9E25-47F541DF5196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B23096F5-3546-41D8-BE30-8698BC0C9B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7C5AF13-69FF-444F-B84A-130D7413B307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "66A17FC6-B6AE-4915-8069-68B41F3C87E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C618736-1382-4515-A295-6EC67A2731EA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AD5A8-768E-4747-AD89-B924D369565E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FD1E4-4A01-4BFB-9D2A-5A030C37BD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5C3DC-E67F-4773-B32C-6B362C94BCBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "C96C7676-9A0D-46B5-9C49-5F5CE873E2C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF42C3EA-84A5-4419-ACBA-6A2F8DB994E2",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "105CCE4B-D8F9-43EA-9089-CEE16A410751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "7C163E7E-C9E3-4FBD-885A-C2E7FB8B845F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3DD84-BDAC-4583-BD61-799A5F01A5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F6758-0B36-4546-A7A7-A4C71B63772E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A613F7-4EA4-40FF-931F-EF3C477300DA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "4B048552-A26D-419E-9EEA-9AFD9457B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0E4E1016-F217-4B75-83D7-F73B1C5A54F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EF2F6982-2C38-4F9B-87A4-AE4404197B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "7745AA84-BC12-4DBD-90A6-DA294EADB7BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CFFD89-1FF2-4F25-A5AB-D6FF8F721132",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA4B198A-8288-459D-9586-CD402DE23023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FDB83-702A-41D5-B2A5-BDA58B7E13D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D972823A-1128-4222-8910-9CA3D38B472F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A05007D7-3C49-4192-ABDF-FE94BA7FD1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "869AD837-79B1-4F76-947B-7DCAD172BDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "5C152EB8-A13A-4F16-994A-B6D93A017CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F38FBA-7D23-4CB2-9A2D-45616E2A2DFB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "553C9A57-A9D2-47F9-ABA8-042B05DE46C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "8F5F3B33-2A82-4CDF-A678-76DE13F256D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "9FE49F2D-B904-4E48-AAFD-669141B570F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "729F784C-9AC0-4231-A75A-1FA8373FA31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "FA61AC05-061D-4EE7-BFEF-568F30B9B883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "374BAF2F-0A32-4F1A-B838-894F9E9D3E0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C636FCD-78AE-4FA2-95E5-2BBD5A88DA68",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "FDE42199-9152-41A3-BE56-E6789315CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "040F990F-F3C2-46EF-9E40-FD136A19575F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "748BFFBC-56BD-42EC-9B5F-0752D2A70D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B37490B0-A214-4A62-9B67-934048921C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "3D7B9F45-5749-4F36-961D-6C5D650ADA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F544593D-368B-4EC1-8448-8C2BA1301216",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D26D9F-7081-42B2-8AE4-D04E8429B88D",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F902732-9944-4821-BCFB-9937D1301FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B0C061AC-3E64-4667-A0E7-DD58B2E5A014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "3EECF743-25E8-4483-AA68-B304B38A9290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2F557157-AAD6-4601-84C2-2F8574F23683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A6BF6644-AF29-4541-9D6A-D07D0CC026F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "C4FD5396-8094-4DD0-BE7B-0FB6CC6D45F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5B130C2-28B8-464C-981C-B5662B4B4309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "79407355-4181-4082-A661-C27734D95363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "8989C7D4-5246-443E-B6E4-8E91462B2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "2BFBC5B2-B00B-4FCD-86B1-A187122035AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B47671A7-A8DB-4DA2-9076-78708C7F1C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F36ABC58-C9FE-4F4A-AB81-26D48A79FFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "A87DD9FF-9CA3-4AE2-8C86-C30A779E0CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "891AF48F-1F4D-4AB8-AE66-FBABDD2CAA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5052CB07-626A-46C4-8966-B8C9325A3BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "6CD47CC7-1414-42C9-94C6-9DBC2C1D9CBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "81CE70BF-EBBE-4CD7-999C-25662670EFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "034B7CFC-1234-4914-8C84-7E5BD5FB6E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "221EB3AE-1420-46F8-9EAD-1914503B0435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5F9A416C-277F-44B0-A74C-263CB0C37D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "FA858127-69A0-4280-80A8-65E0778A90AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A35D0B0C-695D-4274-8B9E-69ED20B62585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "FE9C9981-BA54-48BB-A89D-3CA06C7E17C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "EA400339-123F-494A-8CD8-7232281E7D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "C8E943A5-E35C-4CFA-8998-A74385C8740B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F4D7038E-C705-4FB9-A2D3-82FFC8EE80CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AA0728BD-F463-456C-A6EB-9FF2FD42AA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0B884-C99A-4854-992F-8588840CC296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04BA4916-5693-4915-B4D7-29D97FA02474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "DC588CE7-1F9D-43EF-A478-C23C8D909685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "2DE08529-E210-48C1-A7C3-D2D316902A40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "8104E528-ED7D-451E-8834-057295A7FF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0AF02DF4-7190-4F6C-8F15-37581FFC9B86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (Todas las versiones anteriores a V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (Todas las versiones anteriores a V16 Update 4). El cliente SmartVNC presenta un fallo al manejar una excepci\u00f3n apropiadamente si el proceso de ejecuci\u00f3n del programa es modificado despu\u00e9s de enviar un paquete desde el servidor, lo que podr\u00eda resultar en una condici\u00f3n de Denegaci\u00f3n de Servicio"
    }
  ],
  "id": "CVE-2021-25662",
  "lastModified": "2024-11-21T05:55:14.660",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-12T14:15:11.343",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-755"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2021-27385

Vulnerability from fkie_nvd - Published: 2021-05-12 14:15 - Updated: 2024-11-21 05:57
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdfVendor Advisory
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfVendor Advisory
productcert@siemens.comhttps://us-cert.cisa.gov/ics/advisories/icsa-21-131-12Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens sinamics_sh150_firmware *
siemens sinamics_sh150 -
siemens sinamics_sm150i_firmware *
siemens sinamics_sm150i -
siemens sinamics_gh150_firmware *
siemens sinamics_gh150 -
siemens sinamics_gl150_firmware *
siemens sinamics_gl150 -
siemens sinamics_gm150_firmware *
siemens sinamics_gm150 -
siemens sinamics_sl150_firmware *
siemens sinamics_sl150 -
siemens sinamics_sm120_firmware *
siemens sinamics_sm120 -
siemens sinamics_sm150_firmware *
siemens sinamics_sm150 -
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0891D85-C5F4-4CD2-8EFA-84356CE36654",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "E0005A53-33AD-47AF-B172-CAF423DE213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "9696B0D9-5A66-4747-9437-791EAC150DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "F6AC2BA5-1668-4B71-8812-925AC6554F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "047D0868-3DA6-41CF-A6F9-D15668D536FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F1FAFD2-1E4D-44F3-87A1-8A1380B980BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC7AA8D-9046-4111-A263-38343997F984",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150i_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6067521-A21D-4B2A-AFB2-2E033F66B63E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A44DEAD8-8DB8-41CC-9495-B842BE76EA8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BF9157D-0089-4569-9AA1-4DEE94140D25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF977545-395A-4C34-BB22-A1047B5B6E85",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D780400-0AA8-449C-B754-7167CA878D3D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DED7F33B-D475-4232-8683-48554A6729F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61CD50EE-6C46-445E-8D46-82768CAAC305",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD76CFB0-B5D7-40DC-8D14-FC9C9BACF3CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E032554B-7F51-4482-AF55-743FFB5AC352",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6619B0F-7CDC-40A6-89B2-C6067AF45214",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm120_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFE3048-EEB0-48A0-BED0-8647284B022B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444DD77F-DB65-4766-A89D-7A679B4CA1E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B7E1DE-61B5-4CFC-8640-EB8029CD79D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE231E2-2B2B-407A-BF7A-9EA35F394229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "244D9B27-649C-4983-B374-6A8774771AC5",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "A2530BB3-484C-4D24-82F6-15967C8B7B32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A1FACE-E693-4FDA-944D-0B7F500007B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7FB4AA4-1F48-4A25-AA21-5F867A38D23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "6A673BD0-96B5-48CA-B060-A5D01687A764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "428B633D-55FF-4DB8-B6DD-5E4EEE52A44C",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A64DD-22A2-4260-929F-7595CD037823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "9756D206-E295-4B0C-B159-F9A953342E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "82D6FBBF-FD9B-4AFA-B3E1-8E3341948A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D43D2191-DBBD-4F7A-B02A-3DCEE46BF904",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "23C6AD3C-C15B-4B67-88D1-236C10BB12CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE4201E-E660-4B3E-91EC-B6A7DC35C189",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2D6D924-858A-4542-BCD0-A5631F941039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "309E4D56-6D39-4E8F-8312-FF178B721392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EDB63639-3101-4F60-8193-EF219D99C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4C6C83EE-3DC7-4CB3-8148-CB24A825274E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6C72B0-17D7-491E-816A-AF855166A90B",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "322584EF-72C0-4032-A02B-FDFFDCCE3FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5F1BA-2BEA-40A9-8D5B-A612D467C40C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D14DE5C7-318A-4D08-BB39-1E43F624816A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "FCDAF23F-9272-4DC5-8D46-37FAC08950CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FB0305-DF87-42FF-BACA-E8255EA74AA9",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BAA5B299-A45A-4918-AB8F-03A476CEDA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0C29FD64-C041-4269-BC52-8F91321BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7182C6C0-7DAD-4446-B14E-8EF46FB0CFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F972-26AF-4A6E-AAD9-B30EBDF52465",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B8F3D-5E02-4F0F-9927-9D7C336EBE56",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "845C78A9-AE0F-42B9-9E25-47F541DF5196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B23096F5-3546-41D8-BE30-8698BC0C9B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7C5AF13-69FF-444F-B84A-130D7413B307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "66A17FC6-B6AE-4915-8069-68B41F3C87E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C618736-1382-4515-A295-6EC67A2731EA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AD5A8-768E-4747-AD89-B924D369565E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FD1E4-4A01-4BFB-9D2A-5A030C37BD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5C3DC-E67F-4773-B32C-6B362C94BCBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "C96C7676-9A0D-46B5-9C49-5F5CE873E2C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF42C3EA-84A5-4419-ACBA-6A2F8DB994E2",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "105CCE4B-D8F9-43EA-9089-CEE16A410751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "7C163E7E-C9E3-4FBD-885A-C2E7FB8B845F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3DD84-BDAC-4583-BD61-799A5F01A5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F6758-0B36-4546-A7A7-A4C71B63772E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A613F7-4EA4-40FF-931F-EF3C477300DA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "4B048552-A26D-419E-9EEA-9AFD9457B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0E4E1016-F217-4B75-83D7-F73B1C5A54F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EF2F6982-2C38-4F9B-87A4-AE4404197B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "7745AA84-BC12-4DBD-90A6-DA294EADB7BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CFFD89-1FF2-4F25-A5AB-D6FF8F721132",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA4B198A-8288-459D-9586-CD402DE23023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FDB83-702A-41D5-B2A5-BDA58B7E13D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D972823A-1128-4222-8910-9CA3D38B472F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A05007D7-3C49-4192-ABDF-FE94BA7FD1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "869AD837-79B1-4F76-947B-7DCAD172BDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "5C152EB8-A13A-4F16-994A-B6D93A017CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F38FBA-7D23-4CB2-9A2D-45616E2A2DFB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "553C9A57-A9D2-47F9-ABA8-042B05DE46C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "8F5F3B33-2A82-4CDF-A678-76DE13F256D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "9FE49F2D-B904-4E48-AAFD-669141B570F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "729F784C-9AC0-4231-A75A-1FA8373FA31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "FA61AC05-061D-4EE7-BFEF-568F30B9B883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "374BAF2F-0A32-4F1A-B838-894F9E9D3E0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C636FCD-78AE-4FA2-95E5-2BBD5A88DA68",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "FDE42199-9152-41A3-BE56-E6789315CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "040F990F-F3C2-46EF-9E40-FD136A19575F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "748BFFBC-56BD-42EC-9B5F-0752D2A70D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B37490B0-A214-4A62-9B67-934048921C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "3D7B9F45-5749-4F36-961D-6C5D650ADA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F544593D-368B-4EC1-8448-8C2BA1301216",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D26D9F-7081-42B2-8AE4-D04E8429B88D",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F902732-9944-4821-BCFB-9937D1301FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B0C061AC-3E64-4667-A0E7-DD58B2E5A014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "3EECF743-25E8-4483-AA68-B304B38A9290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2F557157-AAD6-4601-84C2-2F8574F23683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A6BF6644-AF29-4541-9D6A-D07D0CC026F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "C4FD5396-8094-4DD0-BE7B-0FB6CC6D45F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5B130C2-28B8-464C-981C-B5662B4B4309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "79407355-4181-4082-A661-C27734D95363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "8989C7D4-5246-443E-B6E4-8E91462B2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "2BFBC5B2-B00B-4FCD-86B1-A187122035AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B47671A7-A8DB-4DA2-9076-78708C7F1C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F36ABC58-C9FE-4F4A-AB81-26D48A79FFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "A87DD9FF-9CA3-4AE2-8C86-C30A779E0CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "891AF48F-1F4D-4AB8-AE66-FBABDD2CAA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5052CB07-626A-46C4-8966-B8C9325A3BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "6CD47CC7-1414-42C9-94C6-9DBC2C1D9CBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "81CE70BF-EBBE-4CD7-999C-25662670EFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "034B7CFC-1234-4914-8C84-7E5BD5FB6E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "221EB3AE-1420-46F8-9EAD-1914503B0435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5F9A416C-277F-44B0-A74C-263CB0C37D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "FA858127-69A0-4280-80A8-65E0778A90AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A35D0B0C-695D-4274-8B9E-69ED20B62585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "FE9C9981-BA54-48BB-A89D-3CA06C7E17C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "EA400339-123F-494A-8CD8-7232281E7D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "C8E943A5-E35C-4CFA-8998-A74385C8740B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F4D7038E-C705-4FB9-A2D3-82FFC8EE80CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AA0728BD-F463-456C-A6EB-9FF2FD42AA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0B884-C99A-4854-992F-8588840CC296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04BA4916-5693-4915-B4D7-29D97FA02474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "DC588CE7-1F9D-43EF-A478-C23C8D909685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "2DE08529-E210-48C1-A7C3-D2D316902A40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "8104E528-ED7D-451E-8834-057295A7FF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0AF02DF4-7190-4F6C-8F15-37581FFC9B86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (Todas las versiones anteriores a V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (Todas las versiones anteriores a V16 Update 4), SINAMICS GH150 (Todas las versiones), SINAMICS GL150 (con opci\u00f3n X30) (Todas las versiones), SINAMICS GM150 (con opci\u00f3n X30) (Todas las versiones), SINAMICS SH150 (Todas las versiones), SINAMICS SL150 (Todas las versiones), SINAMICS SM120 (Todas las versiones), SINAMICS SM150 (Todas las versiones), SINAMICS SM150i (Todas las versiones). Un atacante remoto podr\u00eda enviar paquetes especialmente dise\u00f1ados al manejador de dise\u00f1o de dispositivos SmartVNC en el lado del cliente, lo que podr\u00eda influir en la cantidad de recursos consumidos y dar lugar a una condici\u00f3n de denegaci\u00f3n de servicio (bucle infinito)"
    }
  ],
  "id": "CVE-2021-27385",
  "lastModified": "2024-11-21T05:57:53.380",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-12T14:15:11.727",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-835"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2021-25661

Vulnerability from fkie_nvd - Published: 2021-05-12 14:15 - Updated: 2024-11-21 05:55
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfVendor Advisory
productcert@siemens.comhttps://us-cert.cisa.gov/ics/advisories/icsa-21-131-12Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0891D85-C5F4-4CD2-8EFA-84356CE36654",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "E0005A53-33AD-47AF-B172-CAF423DE213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "9696B0D9-5A66-4747-9437-791EAC150DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "F6AC2BA5-1668-4B71-8812-925AC6554F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "047D0868-3DA6-41CF-A6F9-D15668D536FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "244D9B27-649C-4983-B374-6A8774771AC5",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "A2530BB3-484C-4D24-82F6-15967C8B7B32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A1FACE-E693-4FDA-944D-0B7F500007B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7FB4AA4-1F48-4A25-AA21-5F867A38D23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "6A673BD0-96B5-48CA-B060-A5D01687A764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "428B633D-55FF-4DB8-B6DD-5E4EEE52A44C",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A64DD-22A2-4260-929F-7595CD037823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "9756D206-E295-4B0C-B159-F9A953342E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "82D6FBBF-FD9B-4AFA-B3E1-8E3341948A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D43D2191-DBBD-4F7A-B02A-3DCEE46BF904",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "23C6AD3C-C15B-4B67-88D1-236C10BB12CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE4201E-E660-4B3E-91EC-B6A7DC35C189",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2D6D924-858A-4542-BCD0-A5631F941039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "309E4D56-6D39-4E8F-8312-FF178B721392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EDB63639-3101-4F60-8193-EF219D99C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4C6C83EE-3DC7-4CB3-8148-CB24A825274E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6C72B0-17D7-491E-816A-AF855166A90B",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "322584EF-72C0-4032-A02B-FDFFDCCE3FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5F1BA-2BEA-40A9-8D5B-A612D467C40C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D14DE5C7-318A-4D08-BB39-1E43F624816A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "FCDAF23F-9272-4DC5-8D46-37FAC08950CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FB0305-DF87-42FF-BACA-E8255EA74AA9",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BAA5B299-A45A-4918-AB8F-03A476CEDA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0C29FD64-C041-4269-BC52-8F91321BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7182C6C0-7DAD-4446-B14E-8EF46FB0CFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F972-26AF-4A6E-AAD9-B30EBDF52465",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B8F3D-5E02-4F0F-9927-9D7C336EBE56",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "845C78A9-AE0F-42B9-9E25-47F541DF5196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B23096F5-3546-41D8-BE30-8698BC0C9B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7C5AF13-69FF-444F-B84A-130D7413B307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "66A17FC6-B6AE-4915-8069-68B41F3C87E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C618736-1382-4515-A295-6EC67A2731EA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AD5A8-768E-4747-AD89-B924D369565E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FD1E4-4A01-4BFB-9D2A-5A030C37BD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5C3DC-E67F-4773-B32C-6B362C94BCBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "C96C7676-9A0D-46B5-9C49-5F5CE873E2C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF42C3EA-84A5-4419-ACBA-6A2F8DB994E2",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "105CCE4B-D8F9-43EA-9089-CEE16A410751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "7C163E7E-C9E3-4FBD-885A-C2E7FB8B845F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3DD84-BDAC-4583-BD61-799A5F01A5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F6758-0B36-4546-A7A7-A4C71B63772E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A613F7-4EA4-40FF-931F-EF3C477300DA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "4B048552-A26D-419E-9EEA-9AFD9457B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0E4E1016-F217-4B75-83D7-F73B1C5A54F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EF2F6982-2C38-4F9B-87A4-AE4404197B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "7745AA84-BC12-4DBD-90A6-DA294EADB7BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CFFD89-1FF2-4F25-A5AB-D6FF8F721132",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA4B198A-8288-459D-9586-CD402DE23023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FDB83-702A-41D5-B2A5-BDA58B7E13D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D972823A-1128-4222-8910-9CA3D38B472F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A05007D7-3C49-4192-ABDF-FE94BA7FD1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "869AD837-79B1-4F76-947B-7DCAD172BDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "5C152EB8-A13A-4F16-994A-B6D93A017CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F38FBA-7D23-4CB2-9A2D-45616E2A2DFB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "553C9A57-A9D2-47F9-ABA8-042B05DE46C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "8F5F3B33-2A82-4CDF-A678-76DE13F256D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "9FE49F2D-B904-4E48-AAFD-669141B570F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "729F784C-9AC0-4231-A75A-1FA8373FA31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "FA61AC05-061D-4EE7-BFEF-568F30B9B883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "374BAF2F-0A32-4F1A-B838-894F9E9D3E0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C636FCD-78AE-4FA2-95E5-2BBD5A88DA68",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "FDE42199-9152-41A3-BE56-E6789315CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "040F990F-F3C2-46EF-9E40-FD136A19575F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "748BFFBC-56BD-42EC-9B5F-0752D2A70D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B37490B0-A214-4A62-9B67-934048921C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "3D7B9F45-5749-4F36-961D-6C5D650ADA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F544593D-368B-4EC1-8448-8C2BA1301216",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D26D9F-7081-42B2-8AE4-D04E8429B88D",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F902732-9944-4821-BCFB-9937D1301FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B0C061AC-3E64-4667-A0E7-DD58B2E5A014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "3EECF743-25E8-4483-AA68-B304B38A9290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2F557157-AAD6-4601-84C2-2F8574F23683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A6BF6644-AF29-4541-9D6A-D07D0CC026F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "C4FD5396-8094-4DD0-BE7B-0FB6CC6D45F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5B130C2-28B8-464C-981C-B5662B4B4309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "79407355-4181-4082-A661-C27734D95363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "8989C7D4-5246-443E-B6E4-8E91462B2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "2BFBC5B2-B00B-4FCD-86B1-A187122035AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B47671A7-A8DB-4DA2-9076-78708C7F1C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F36ABC58-C9FE-4F4A-AB81-26D48A79FFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "A87DD9FF-9CA3-4AE2-8C86-C30A779E0CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "891AF48F-1F4D-4AB8-AE66-FBABDD2CAA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5052CB07-626A-46C4-8966-B8C9325A3BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "6CD47CC7-1414-42C9-94C6-9DBC2C1D9CBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "81CE70BF-EBBE-4CD7-999C-25662670EFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "034B7CFC-1234-4914-8C84-7E5BD5FB6E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "221EB3AE-1420-46F8-9EAD-1914503B0435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5F9A416C-277F-44B0-A74C-263CB0C37D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "FA858127-69A0-4280-80A8-65E0778A90AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A35D0B0C-695D-4274-8B9E-69ED20B62585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "FE9C9981-BA54-48BB-A89D-3CA06C7E17C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "EA400339-123F-494A-8CD8-7232281E7D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "C8E943A5-E35C-4CFA-8998-A74385C8740B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F4D7038E-C705-4FB9-A2D3-82FFC8EE80CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AA0728BD-F463-456C-A6EB-9FF2FD42AA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0B884-C99A-4854-992F-8588840CC296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04BA4916-5693-4915-B4D7-29D97FA02474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "DC588CE7-1F9D-43EF-A478-C23C8D909685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "2DE08529-E210-48C1-A7C3-D2D316902A40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "8104E528-ED7D-451E-8834-057295A7FF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0AF02DF4-7190-4F6C-8F15-37581FFC9B86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (Todas las versiones anteriores a V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (Todas las versiones anteriores a V16 Update 4). SmartVNC tiene una vulnerabilidad de acceso a la memoria fuera de los l\u00edmites que podr\u00eda activarse en el lado del cliente al enviar datos desde el servidor, lo que podr\u00eda dar lugar a una condici\u00f3n de denegaci\u00f3n de servicio"
    }
  ],
  "id": "CVE-2021-25661",
  "lastModified": "2024-11-21T05:55:14.483",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-12T14:15:11.300",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-788"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2021-27383

Vulnerability from fkie_nvd - Published: 2021-05-12 14:15 - Updated: 2024-11-21 05:57
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdfVendor Advisory
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfVendor Advisory
productcert@siemens.comhttps://us-cert.cisa.gov/ics/advisories/icsa-21-131-12Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens sinamics_sh150_firmware *
siemens sinamics_sh150 -
siemens sinamics_sm150i_firmware *
siemens sinamics_sm150i -
siemens sinamics_gh150_firmware *
siemens sinamics_gh150 -
siemens sinamics_gl150_firmware *
siemens sinamics_gl150 -
siemens sinamics_gm150_firmware *
siemens sinamics_gm150 -
siemens sinamics_sl150_firmware *
siemens sinamics_sl150 -
siemens sinamics_sm120_firmware *
siemens sinamics_sm120 -
siemens sinamics_sm150_firmware *
siemens sinamics_sm150 -
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0891D85-C5F4-4CD2-8EFA-84356CE36654",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "E0005A53-33AD-47AF-B172-CAF423DE213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "9696B0D9-5A66-4747-9437-791EAC150DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "F6AC2BA5-1668-4B71-8812-925AC6554F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "047D0868-3DA6-41CF-A6F9-D15668D536FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F1FAFD2-1E4D-44F3-87A1-8A1380B980BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC7AA8D-9046-4111-A263-38343997F984",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150i_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6067521-A21D-4B2A-AFB2-2E033F66B63E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A44DEAD8-8DB8-41CC-9495-B842BE76EA8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BF9157D-0089-4569-9AA1-4DEE94140D25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF977545-395A-4C34-BB22-A1047B5B6E85",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D780400-0AA8-449C-B754-7167CA878D3D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DED7F33B-D475-4232-8683-48554A6729F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61CD50EE-6C46-445E-8D46-82768CAAC305",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD76CFB0-B5D7-40DC-8D14-FC9C9BACF3CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E032554B-7F51-4482-AF55-743FFB5AC352",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6619B0F-7CDC-40A6-89B2-C6067AF45214",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm120_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFE3048-EEB0-48A0-BED0-8647284B022B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444DD77F-DB65-4766-A89D-7A679B4CA1E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B7E1DE-61B5-4CFC-8640-EB8029CD79D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE231E2-2B2B-407A-BF7A-9EA35F394229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "244D9B27-649C-4983-B374-6A8774771AC5",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "A2530BB3-484C-4D24-82F6-15967C8B7B32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A1FACE-E693-4FDA-944D-0B7F500007B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7FB4AA4-1F48-4A25-AA21-5F867A38D23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "6A673BD0-96B5-48CA-B060-A5D01687A764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "428B633D-55FF-4DB8-B6DD-5E4EEE52A44C",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A64DD-22A2-4260-929F-7595CD037823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "9756D206-E295-4B0C-B159-F9A953342E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "82D6FBBF-FD9B-4AFA-B3E1-8E3341948A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D43D2191-DBBD-4F7A-B02A-3DCEE46BF904",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "23C6AD3C-C15B-4B67-88D1-236C10BB12CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE4201E-E660-4B3E-91EC-B6A7DC35C189",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2D6D924-858A-4542-BCD0-A5631F941039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "309E4D56-6D39-4E8F-8312-FF178B721392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EDB63639-3101-4F60-8193-EF219D99C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4C6C83EE-3DC7-4CB3-8148-CB24A825274E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6C72B0-17D7-491E-816A-AF855166A90B",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "322584EF-72C0-4032-A02B-FDFFDCCE3FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5F1BA-2BEA-40A9-8D5B-A612D467C40C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D14DE5C7-318A-4D08-BB39-1E43F624816A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "FCDAF23F-9272-4DC5-8D46-37FAC08950CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FB0305-DF87-42FF-BACA-E8255EA74AA9",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BAA5B299-A45A-4918-AB8F-03A476CEDA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0C29FD64-C041-4269-BC52-8F91321BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7182C6C0-7DAD-4446-B14E-8EF46FB0CFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F972-26AF-4A6E-AAD9-B30EBDF52465",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B8F3D-5E02-4F0F-9927-9D7C336EBE56",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "845C78A9-AE0F-42B9-9E25-47F541DF5196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B23096F5-3546-41D8-BE30-8698BC0C9B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7C5AF13-69FF-444F-B84A-130D7413B307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "66A17FC6-B6AE-4915-8069-68B41F3C87E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C618736-1382-4515-A295-6EC67A2731EA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AD5A8-768E-4747-AD89-B924D369565E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FD1E4-4A01-4BFB-9D2A-5A030C37BD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5C3DC-E67F-4773-B32C-6B362C94BCBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "C96C7676-9A0D-46B5-9C49-5F5CE873E2C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF42C3EA-84A5-4419-ACBA-6A2F8DB994E2",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "105CCE4B-D8F9-43EA-9089-CEE16A410751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "7C163E7E-C9E3-4FBD-885A-C2E7FB8B845F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3DD84-BDAC-4583-BD61-799A5F01A5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F6758-0B36-4546-A7A7-A4C71B63772E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A613F7-4EA4-40FF-931F-EF3C477300DA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "4B048552-A26D-419E-9EEA-9AFD9457B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0E4E1016-F217-4B75-83D7-F73B1C5A54F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EF2F6982-2C38-4F9B-87A4-AE4404197B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "7745AA84-BC12-4DBD-90A6-DA294EADB7BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CFFD89-1FF2-4F25-A5AB-D6FF8F721132",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA4B198A-8288-459D-9586-CD402DE23023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FDB83-702A-41D5-B2A5-BDA58B7E13D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D972823A-1128-4222-8910-9CA3D38B472F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A05007D7-3C49-4192-ABDF-FE94BA7FD1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "869AD837-79B1-4F76-947B-7DCAD172BDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "5C152EB8-A13A-4F16-994A-B6D93A017CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F38FBA-7D23-4CB2-9A2D-45616E2A2DFB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "553C9A57-A9D2-47F9-ABA8-042B05DE46C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "8F5F3B33-2A82-4CDF-A678-76DE13F256D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "9FE49F2D-B904-4E48-AAFD-669141B570F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "729F784C-9AC0-4231-A75A-1FA8373FA31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "FA61AC05-061D-4EE7-BFEF-568F30B9B883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "374BAF2F-0A32-4F1A-B838-894F9E9D3E0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C636FCD-78AE-4FA2-95E5-2BBD5A88DA68",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "FDE42199-9152-41A3-BE56-E6789315CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "040F990F-F3C2-46EF-9E40-FD136A19575F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "748BFFBC-56BD-42EC-9B5F-0752D2A70D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B37490B0-A214-4A62-9B67-934048921C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "3D7B9F45-5749-4F36-961D-6C5D650ADA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F544593D-368B-4EC1-8448-8C2BA1301216",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D26D9F-7081-42B2-8AE4-D04E8429B88D",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F902732-9944-4821-BCFB-9937D1301FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B0C061AC-3E64-4667-A0E7-DD58B2E5A014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "3EECF743-25E8-4483-AA68-B304B38A9290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2F557157-AAD6-4601-84C2-2F8574F23683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A6BF6644-AF29-4541-9D6A-D07D0CC026F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "C4FD5396-8094-4DD0-BE7B-0FB6CC6D45F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5B130C2-28B8-464C-981C-B5662B4B4309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "79407355-4181-4082-A661-C27734D95363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "8989C7D4-5246-443E-B6E4-8E91462B2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "2BFBC5B2-B00B-4FCD-86B1-A187122035AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B47671A7-A8DB-4DA2-9076-78708C7F1C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F36ABC58-C9FE-4F4A-AB81-26D48A79FFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "A87DD9FF-9CA3-4AE2-8C86-C30A779E0CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "891AF48F-1F4D-4AB8-AE66-FBABDD2CAA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5052CB07-626A-46C4-8966-B8C9325A3BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "6CD47CC7-1414-42C9-94C6-9DBC2C1D9CBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "81CE70BF-EBBE-4CD7-999C-25662670EFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "034B7CFC-1234-4914-8C84-7E5BD5FB6E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "221EB3AE-1420-46F8-9EAD-1914503B0435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5F9A416C-277F-44B0-A74C-263CB0C37D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "FA858127-69A0-4280-80A8-65E0778A90AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A35D0B0C-695D-4274-8B9E-69ED20B62585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "FE9C9981-BA54-48BB-A89D-3CA06C7E17C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "EA400339-123F-494A-8CD8-7232281E7D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "C8E943A5-E35C-4CFA-8998-A74385C8740B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F4D7038E-C705-4FB9-A2D3-82FFC8EE80CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AA0728BD-F463-456C-A6EB-9FF2FD42AA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0B884-C99A-4854-992F-8588840CC296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04BA4916-5693-4915-B4D7-29D97FA02474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "DC588CE7-1F9D-43EF-A478-C23C8D909685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "2DE08529-E210-48C1-A7C3-D2D316902A40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "8104E528-ED7D-451E-8834-057295A7FF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0AF02DF4-7190-4F6C-8F15-37581FFC9B86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (Todas las versiones anteriores a V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (Todas las versiones anteriores a V16 Update 4), SINAMICS GH150 (Todas las versiones), SINAMICS GL150 (con la opci\u00f3n X30) (Todas las versiones), SINAMICS GM150 (with option X30) (Todas las versiones), SINAMICS SH150 (Todas las versiones), SINAMICS SL150 (Todas las versiones), SINAMICS SM120 (Todas las versiones), SINAMICS SM150 (Todas las versiones), SINAMICS SM150i (Todas las versiones). SmartVNC tiene una vulnerabilidad de fuga de asignaci\u00f3n de heap en el codificador Tight del servidor, que podr\u00eda dar lugar a una condici\u00f3n de denegaci\u00f3n de servicio"
    }
  ],
  "id": "CVE-2021-27383",
  "lastModified": "2024-11-21T05:57:53.060",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-12T14:15:11.633",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

FKIE_CVE-2021-27386

Vulnerability from fkie_nvd - Published: 2021-05-12 14:15 - Updated: 2024-11-21 05:57
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition.
References
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdfVendor Advisory
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfVendor Advisory
productcert@siemens.comhttps://us-cert.cisa.gov/ics/advisories/icsa-21-131-12Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens simatic_wincc_runtime_advanced 16
siemens sinamics_sh150_firmware *
siemens sinamics_sh150 -
siemens sinamics_sm150i_firmware *
siemens sinamics_sm150i -
siemens sinamics_gh150_firmware *
siemens sinamics_gh150 -
siemens sinamics_gl150_firmware *
siemens sinamics_gl150 -
siemens sinamics_gm150_firmware *
siemens sinamics_gm150 -
siemens sinamics_sl150_firmware *
siemens sinamics_sl150 -
siemens sinamics_sm120_firmware *
siemens sinamics_sm120 -
siemens sinamics_sm150_firmware *
siemens sinamics_sm150 -
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 16
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\"_firmware 16
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\"_firmware 16
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 16
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_7\" -
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware *
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\"_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels_15\" -
siemens simatic_hmi_comfort_panels_4\"_firmware *
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\"_firmware 15.1
siemens simatic_hmi_comfort_panels_4\" -
siemens simatic_hmi_comfort_panels_22\"_firmware *
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\"_firmware 15.1
siemens simatic_hmi_comfort_panels_22\" -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0891D85-C5F4-4CD2-8EFA-84356CE36654",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "E0005A53-33AD-47AF-B172-CAF423DE213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "9696B0D9-5A66-4747-9437-791EAC150DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "F6AC2BA5-1668-4B71-8812-925AC6554F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "047D0868-3DA6-41CF-A6F9-D15668D536FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F1FAFD2-1E4D-44F3-87A1-8A1380B980BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC7AA8D-9046-4111-A263-38343997F984",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150i_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6067521-A21D-4B2A-AFB2-2E033F66B63E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A44DEAD8-8DB8-41CC-9495-B842BE76EA8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BF9157D-0089-4569-9AA1-4DEE94140D25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF977545-395A-4C34-BB22-A1047B5B6E85",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D780400-0AA8-449C-B754-7167CA878D3D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DED7F33B-D475-4232-8683-48554A6729F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61CD50EE-6C46-445E-8D46-82768CAAC305",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD76CFB0-B5D7-40DC-8D14-FC9C9BACF3CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E032554B-7F51-4482-AF55-743FFB5AC352",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6619B0F-7CDC-40A6-89B2-C6067AF45214",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm120_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFE3048-EEB0-48A0-BED0-8647284B022B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444DD77F-DB65-4766-A89D-7A679B4CA1E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B7E1DE-61B5-4CFC-8640-EB8029CD79D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE231E2-2B2B-407A-BF7A-9EA35F394229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "244D9B27-649C-4983-B374-6A8774771AC5",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "A2530BB3-484C-4D24-82F6-15967C8B7B32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A1FACE-E693-4FDA-944D-0B7F500007B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7FB4AA4-1F48-4A25-AA21-5F867A38D23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "6A673BD0-96B5-48CA-B060-A5D01687A764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "428B633D-55FF-4DB8-B6DD-5E4EEE52A44C",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A64DD-22A2-4260-929F-7595CD037823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "9756D206-E295-4B0C-B159-F9A953342E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "82D6FBBF-FD9B-4AFA-B3E1-8E3341948A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D43D2191-DBBD-4F7A-B02A-3DCEE46BF904",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "23C6AD3C-C15B-4B67-88D1-236C10BB12CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE4201E-E660-4B3E-91EC-B6A7DC35C189",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2D6D924-858A-4542-BCD0-A5631F941039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "309E4D56-6D39-4E8F-8312-FF178B721392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EDB63639-3101-4F60-8193-EF219D99C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4C6C83EE-3DC7-4CB3-8148-CB24A825274E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6C72B0-17D7-491E-816A-AF855166A90B",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "322584EF-72C0-4032-A02B-FDFFDCCE3FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5F1BA-2BEA-40A9-8D5B-A612D467C40C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D14DE5C7-318A-4D08-BB39-1E43F624816A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "FCDAF23F-9272-4DC5-8D46-37FAC08950CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FB0305-DF87-42FF-BACA-E8255EA74AA9",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BAA5B299-A45A-4918-AB8F-03A476CEDA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0C29FD64-C041-4269-BC52-8F91321BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7182C6C0-7DAD-4446-B14E-8EF46FB0CFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F972-26AF-4A6E-AAD9-B30EBDF52465",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B8F3D-5E02-4F0F-9927-9D7C336EBE56",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "845C78A9-AE0F-42B9-9E25-47F541DF5196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B23096F5-3546-41D8-BE30-8698BC0C9B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7C5AF13-69FF-444F-B84A-130D7413B307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "66A17FC6-B6AE-4915-8069-68B41F3C87E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C618736-1382-4515-A295-6EC67A2731EA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AD5A8-768E-4747-AD89-B924D369565E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FD1E4-4A01-4BFB-9D2A-5A030C37BD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5C3DC-E67F-4773-B32C-6B362C94BCBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "C96C7676-9A0D-46B5-9C49-5F5CE873E2C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF42C3EA-84A5-4419-ACBA-6A2F8DB994E2",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "105CCE4B-D8F9-43EA-9089-CEE16A410751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "7C163E7E-C9E3-4FBD-885A-C2E7FB8B845F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3DD84-BDAC-4583-BD61-799A5F01A5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F6758-0B36-4546-A7A7-A4C71B63772E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A613F7-4EA4-40FF-931F-EF3C477300DA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "4B048552-A26D-419E-9EEA-9AFD9457B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0E4E1016-F217-4B75-83D7-F73B1C5A54F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EF2F6982-2C38-4F9B-87A4-AE4404197B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "7745AA84-BC12-4DBD-90A6-DA294EADB7BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CFFD89-1FF2-4F25-A5AB-D6FF8F721132",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA4B198A-8288-459D-9586-CD402DE23023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FDB83-702A-41D5-B2A5-BDA58B7E13D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D972823A-1128-4222-8910-9CA3D38B472F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A05007D7-3C49-4192-ABDF-FE94BA7FD1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "869AD837-79B1-4F76-947B-7DCAD172BDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "5C152EB8-A13A-4F16-994A-B6D93A017CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F38FBA-7D23-4CB2-9A2D-45616E2A2DFB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "553C9A57-A9D2-47F9-ABA8-042B05DE46C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "8F5F3B33-2A82-4CDF-A678-76DE13F256D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "9FE49F2D-B904-4E48-AAFD-669141B570F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "729F784C-9AC0-4231-A75A-1FA8373FA31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "FA61AC05-061D-4EE7-BFEF-568F30B9B883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "374BAF2F-0A32-4F1A-B838-894F9E9D3E0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C636FCD-78AE-4FA2-95E5-2BBD5A88DA68",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "FDE42199-9152-41A3-BE56-E6789315CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "040F990F-F3C2-46EF-9E40-FD136A19575F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "748BFFBC-56BD-42EC-9B5F-0752D2A70D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B37490B0-A214-4A62-9B67-934048921C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "3D7B9F45-5749-4F36-961D-6C5D650ADA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F544593D-368B-4EC1-8448-8C2BA1301216",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D26D9F-7081-42B2-8AE4-D04E8429B88D",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F902732-9944-4821-BCFB-9937D1301FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B0C061AC-3E64-4667-A0E7-DD58B2E5A014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "3EECF743-25E8-4483-AA68-B304B38A9290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2F557157-AAD6-4601-84C2-2F8574F23683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A6BF6644-AF29-4541-9D6A-D07D0CC026F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "C4FD5396-8094-4DD0-BE7B-0FB6CC6D45F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5B130C2-28B8-464C-981C-B5662B4B4309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "79407355-4181-4082-A661-C27734D95363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "8989C7D4-5246-443E-B6E4-8E91462B2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "2BFBC5B2-B00B-4FCD-86B1-A187122035AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B47671A7-A8DB-4DA2-9076-78708C7F1C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F36ABC58-C9FE-4F4A-AB81-26D48A79FFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "A87DD9FF-9CA3-4AE2-8C86-C30A779E0CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "891AF48F-1F4D-4AB8-AE66-FBABDD2CAA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5052CB07-626A-46C4-8966-B8C9325A3BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "6CD47CC7-1414-42C9-94C6-9DBC2C1D9CBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "81CE70BF-EBBE-4CD7-999C-25662670EFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "034B7CFC-1234-4914-8C84-7E5BD5FB6E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "221EB3AE-1420-46F8-9EAD-1914503B0435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5F9A416C-277F-44B0-A74C-263CB0C37D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "FA858127-69A0-4280-80A8-65E0778A90AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A35D0B0C-695D-4274-8B9E-69ED20B62585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "FE9C9981-BA54-48BB-A89D-3CA06C7E17C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "EA400339-123F-494A-8CD8-7232281E7D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "C8E943A5-E35C-4CFA-8998-A74385C8740B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F4D7038E-C705-4FB9-A2D3-82FFC8EE80CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AA0728BD-F463-456C-A6EB-9FF2FD42AA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0B884-C99A-4854-992F-8588840CC296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04BA4916-5693-4915-B4D7-29D97FA02474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "DC588CE7-1F9D-43EF-A478-C23C8D909685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "2DE08529-E210-48C1-A7C3-D2D316902A40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "8104E528-ED7D-451E-8834-057295A7FF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0AF02DF4-7190-4F6C-8F15-37581FFC9B86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (Todas las versiones anteriores a V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (Todas las versiones anteriores a V16 Update 4), SINAMICS GH150 (Todas las versiones), SINAMICS GL150 (con opci\u00f3n X30) (Todas las versiones), SINAMICS GM150 (con opci\u00f3n X30) (Todas las versiones), SINAMICS SH150 (Todas las versiones), SINAMICS SL150 (Todas las versiones), SINAMICS SM120 (Todas las versiones), SINAMICS SM150 (Todas las versiones), SINAMICS SM150i (Todas las versiones). SmartVNC presenta una vulnerabilidad de fuga de asignaci\u00f3n de la pila en el manejador de dise\u00f1o del dispositivo en el lado del cliente, lo que podr\u00eda resultar en una condici\u00f3n de Denegaci\u00f3n de Servicio"
    }
  ],
  "id": "CVE-2021-27386",
  "lastModified": "2024-11-21T05:57:53.533",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-12T14:15:11.767",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

FKIE_CVE-2019-6576

Vulnerability from fkie_nvd - Published: 2019-05-14 20:29 - Updated: 2024-11-21 04:46
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). An attacker with network access to affected devices could potentially obtain a TLS session key. If the attacker is able to observe TLS traffic between a legitimate user and the device, then the attacker could decrypt the TLS traffic. The security vulnerability could be exploited by an attacker who has network access to the web interface of the device and who is able to observe TLS traffic between legitimate users and the web interface of the affected device. The vulnerability could impact the confidentiality of the communication between the affected device and a legitimate user. At the time of advisory publication no public exploitation of the security vulnerability was known.
References
productcert@siemens.comhttp://www.securityfocus.com/bid/108412
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdfVendor Advisory
productcert@siemens.comhttps://www.us-cert.gov/ics/advisories/ICSA-19-134-09
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/108412
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.us-cert.gov/ics/advisories/ICSA-19-134-09
Impacted products
Vendor Product Version
siemens simatic_hmi_comfort_panels_firmware *
siemens simatic_hmi_comfort_panels -
siemens simatic_hmi_comfort_outdoor_panels_firmware *
siemens simatic_hmi_comfort_outdoor_panels -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_wincc_\(tia_portal\) *
siemens simatic_wincc_runtime *
siemens simatic_wincc_runtime *
siemens simatic_hmi_tp_firmware *
siemens simatic_hmi_tp -
siemens simatic_hmi_mp_firmware *
siemens simatic_hmi_mp -
siemens simatic_hmi_op_firmware *
siemens simatic_hmi_op -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "865FD012-F390-4BB8-B14F-533840B95512",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BCFE761-35C9-43EF-85BC-E8083B9F75CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299F88D-8885-4871-93E1-CBEFD3156B15",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4830E0D-0128-4E5B-AB81-2B238471AE4B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:*:*:*:*",
              "matchCriteriaId": "82389DAA-8D03-4806-AF86-87A1627A972F",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:advanced:*:*:*",
              "matchCriteriaId": "C24C17B5-C379-4FD1-BA9F-38B2A329F254",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:professional:*:*:*",
              "matchCriteriaId": "24939BB3-7D99-4812-9EF8-65FE1FC9CCD8",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_tp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "983886F3-5B11-4AC3-A4D9-C2816F9A37DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_tp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE8F082D-04C4-4A3E-B3D1-6C2914C2917E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_mp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2271FBE-FF50-4614-A4A5-BBAB800F5FBD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_mp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C30B3C-90EF-4244-9235-D87A421850DC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_op_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "217870AC-9EB0-4BDE-A2E2-381055B8E69C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_op:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A17F4CDF-5367-4343-AA1E-0C452495E598",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). An attacker with network access to affected devices could potentially obtain a TLS session key. If the attacker is able to observe TLS traffic between a legitimate user and the device, then the attacker could decrypt the TLS traffic. The security vulnerability could be exploited by an attacker who has network access to the web interface of the device and who is able to observe TLS traffic between legitimate users and the web interface of the affected device. The vulnerability could impact the confidentiality of the communication between the affected device and a legitimate user. At the time of advisory publication no public exploitation of the security vulnerability was known."
    },
    {
      "lang": "es",
      "value": "Ha sido identificada una vulnerabilidad en SIMATIC HMI Comfort Panels 4\" - 22\" (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 y KTP900F (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC WinCC Runtime Advanced (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC WinCC Runtime Professional (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC WinCC (TIA Portal) (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (Todas las versiones). Un atacante con acceso de red a los dispositivos afectados podr\u00eda obtener una clave de sesi\u00f3n TLS. Si el atacante puede observar el tr\u00e1fico TLS entre un usuario leg\u00edtimo y el dispositivo, entonces el atacante podr\u00eda descifrar el tr\u00e1fico TLS. La vulnerabilidad de la seguridad podr\u00eda ser explotada por un atacante que tenga acceso de red a la interfaz web del dispositivo y que pueda observar el tr\u00e1fico TLS entre usuarios leg\u00edtimos y la interfaz web del dispositivo afectado. La vulnerabilidad podr\u00eda afectar la confidencialidad de la comunicaci\u00f3n entre el dispositivo afectado y un usuario leg\u00edtimo. En el momento de la publicaci\u00f3n de asesoramiento, no se conoc\u00eda la explotaci\u00f3n p\u00fablica de la vulnerabilidad de seguridad."
    }
  ],
  "id": "CVE-2019-6576",
  "lastModified": "2024-11-21T04:46:44.130",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-14T20:29:04.560",
  "references": [
    {
      "source": "productcert@siemens.com",
      "url": "http://www.securityfocus.com/bid/108412"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/108412"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-310"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-310"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2019-6572

Vulnerability from fkie_nvd - Published: 2019-05-14 20:29 - Updated: 2024-11-21 04:46
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The affected device offered SNMP read and write capacities with a publicly know hardcoded community string. The security vulnerability could be exploited by an attacker with network access to the affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.
References
productcert@siemens.comhttp://www.securityfocus.com/bid/108412Third Party Advisory, VDB Entry
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdfVendor Advisory
productcert@siemens.comhttps://www.us-cert.gov/ics/advisories/ICSA-19-134-09Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/108412Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.us-cert.gov/ics/advisories/ICSA-19-134-09Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
siemens simatic_hmi_comfort_panels_firmware *
siemens simatic_hmi_comfort_panels -
siemens simatic_hmi_comfort_outdoor_panels_firmware *
siemens simatic_hmi_comfort_outdoor_panels -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_wincc_\(tia_portal\) *
siemens simatic_wincc_runtime *
siemens simatic_wincc_runtime *
siemens simatic_hmi_tp_firmware *
siemens simatic_hmi_tp -
siemens simatic_hmi_mp_firmware *
siemens simatic_hmi_mp -
siemens simatic_hmi_op_firmware *
siemens simatic_hmi_op -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "865FD012-F390-4BB8-B14F-533840B95512",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BCFE761-35C9-43EF-85BC-E8083B9F75CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299F88D-8885-4871-93E1-CBEFD3156B15",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4830E0D-0128-4E5B-AB81-2B238471AE4B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:*:*:*:*",
              "matchCriteriaId": "82389DAA-8D03-4806-AF86-87A1627A972F",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:advanced:*:*:*",
              "matchCriteriaId": "C24C17B5-C379-4FD1-BA9F-38B2A329F254",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:professional:*:*:*",
              "matchCriteriaId": "24939BB3-7D99-4812-9EF8-65FE1FC9CCD8",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_tp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "983886F3-5B11-4AC3-A4D9-C2816F9A37DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_tp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE8F082D-04C4-4A3E-B3D1-6C2914C2917E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_mp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2271FBE-FF50-4614-A4A5-BBAB800F5FBD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_mp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C30B3C-90EF-4244-9235-D87A421850DC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_op_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "217870AC-9EB0-4BDE-A2E2-381055B8E69C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_op:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A17F4CDF-5367-4343-AA1E-0C452495E598",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The affected device offered SNMP read and write capacities with a publicly know hardcoded community string. The security vulnerability could be exploited by an attacker with network access to the affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known."
    },
    {
      "lang": "es",
      "value": "Ha sido identificada una vulnerabilidad en SIMATIC HMI Comfort Panels 4\" - 22\" (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 y KTP900F (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC WinCC Runtime Advanced (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC WinCC Runtime Professional (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC WinCC (TIA Portal) (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (Todas las versiones). El dispositivo afectado ofrec\u00eda capacidades de lectura y escritura de SNMP con una cadena de comunidad codificada p\u00fablicamente. La vulnerabilidad de la seguridad podr\u00eda ser explotada por un atacante con acceso de red al dispositivo afectado. La explotaci\u00f3n con \u00e9xito no requiere privilegios del sistema ni interacci\u00f3n del usuario. Un atacante podr\u00eda utilizar la vulnerabilidad para comprometer la confidencialidad y la integridad del sistema afectado. En el momento de la publicaci\u00f3n de asesoramiento, no se conoc\u00eda la explotaci\u00f3n p\u00fablica de esta vulnerabilidad de seguridad."
    }
  ],
  "id": "CVE-2019-6572",
  "lastModified": "2024-11-21T04:46:43.653",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 6.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-14T20:29:04.200",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108412"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108412"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-798"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2019-6577

Vulnerability from fkie_nvd - Published: 2019-05-14 20:29 - Updated: 2024-11-21 04:46
Severity ?
5.4 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify particular parts of the device configuration via SNMP. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires system privileges and user interaction. An attacker could use the vulnerability to compromise confidentiality and the integrity of the affected system. At the stage of publishing this security advisory no public exploitation is known.
References
productcert@siemens.comhttp://www.securityfocus.com/bid/108412
productcert@siemens.comhttps://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdfVendor Advisory
productcert@siemens.comhttps://www.us-cert.gov/ics/advisories/ICSA-19-134-09
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/108412
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.us-cert.gov/ics/advisories/ICSA-19-134-09
Impacted products
Vendor Product Version
siemens simatic_hmi_comfort_panels_firmware *
siemens simatic_hmi_comfort_panels -
siemens simatic_hmi_comfort_outdoor_panels_firmware *
siemens simatic_hmi_comfort_outdoor_panels -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_wincc_\(tia_portal\) *
siemens simatic_wincc_runtime *
siemens simatic_wincc_runtime *
siemens simatic_hmi_tp_firmware *
siemens simatic_hmi_tp -
siemens simatic_hmi_mp_firmware *
siemens simatic_hmi_mp -
siemens simatic_hmi_op_firmware *
siemens simatic_hmi_op -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "865FD012-F390-4BB8-B14F-533840B95512",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BCFE761-35C9-43EF-85BC-E8083B9F75CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299F88D-8885-4871-93E1-CBEFD3156B15",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4830E0D-0128-4E5B-AB81-2B238471AE4B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:*:*:*:*",
              "matchCriteriaId": "82389DAA-8D03-4806-AF86-87A1627A972F",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:advanced:*:*:*",
              "matchCriteriaId": "C24C17B5-C379-4FD1-BA9F-38B2A329F254",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:professional:*:*:*",
              "matchCriteriaId": "24939BB3-7D99-4812-9EF8-65FE1FC9CCD8",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_tp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "983886F3-5B11-4AC3-A4D9-C2816F9A37DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_tp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE8F082D-04C4-4A3E-B3D1-6C2914C2917E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_mp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2271FBE-FF50-4614-A4A5-BBAB800F5FBD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_mp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C30B3C-90EF-4244-9235-D87A421850DC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_op_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "217870AC-9EB0-4BDE-A2E2-381055B8E69C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_op:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A17F4CDF-5367-4343-AA1E-0C452495E598",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify particular parts of the device configuration via SNMP. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires system privileges and user interaction. An attacker could use the vulnerability to compromise confidentiality and the integrity of the affected system. At the stage of publishing this security advisory no public exploitation is known."
    },
    {
      "lang": "es",
      "value": "Ha sido identificada una vulnerabilidad en SIMATIC HMI Comfort Panels 4\" - 22\" (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 y KTP900F (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC WinCC Runtime Advanced (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC WinCC Runtime Professional (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC WinCC (TIA Portal) (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (Todas las versiones). El servidor web integrado podr\u00eda permitir ataques de Cross-Site Scripting (XSS) si un atacante puede modificar partes particulares de la configuraci\u00f3n del dispositivo por medio de SNMP. La vulnerabilidad de la seguridad podr\u00eda ser explotada por un atacante con acceso de red al sistema afectado. La explotaci\u00f3n con \u00e9xito requiere privilegios del sistema e interacci\u00f3n del usuario. Un atacante podr\u00eda utilizar la vulnerabilidad para comprometer la confidencialidad y la integridad del sistema afectado. En la etapa de publicaci\u00f3n de este aviso de seguridad no se conoce ninguna explotaci\u00f3n p\u00fablica."
    }
  ],
  "id": "CVE-2019-6577",
  "lastModified": "2024-11-21T04:46:44.267",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-14T20:29:04.623",
  "references": [
    {
      "source": "productcert@siemens.com",
      "url": "http://www.securityfocus.com/bid/108412"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/108412"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-80"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2021-27386 (GCVE-0-2021-27386)

Vulnerability from cvelistv5 ā€“ Published: 2021-05-12 13:18 ā€“ Updated: 2024-08-03 20:48
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition.
Severity ?
No CVSS data available.
CWE
  • CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V15 Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V16 Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SINAMICS GH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GL150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GM150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SL150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM120 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150i Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.446Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-401",
              "description": "CWE-401: Missing Release of Memory after Effective Lifetime",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:18",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27386",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-401: Missing Release of Memory after Effective Lifetime"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27386",
    "datePublished": "2021-05-12T13:18:23",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.446Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-27385 (GCVE-0-2021-27385)

Vulnerability from cvelistv5 ā€“ Published: 2021-05-12 13:18 ā€“ Updated: 2024-08-03 20:48
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition.
Severity ?
No CVSS data available.
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V15 Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V16 Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SINAMICS GH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GL150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GM150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SL150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM120 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150i Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.474Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:17",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27385",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400: Uncontrolled Resource Consumption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27385",
    "datePublished": "2021-05-12T13:18:23",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.474Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-25660 (GCVE-0-2021-25660)

Vulnerability from cvelistv5 ā€“ Published: 2021-05-12 13:18 ā€“ Updated: 2024-08-03 20:11
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition.
Severity ?
No CVSS data available.
CWE
  • CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:11:27.734Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-788",
              "description": "CWE-788: Access of Memory Location After End of Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:11",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-25660",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-788: Access of Memory Location After End of Buffer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-25660",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-01-21T00:00:00",
    "dateUpdated": "2024-08-03T20:11:27.734Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-25662 (GCVE-0-2021-25662)

Vulnerability from cvelistv5 ā€“ Published: 2021-05-12 13:18 ā€“ Updated: 2024-08-03 20:11
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition.
Severity ?
No CVSS data available.
CWE
  • CWE-755 - Improper Handling of Exceptional Conditions
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:11:27.535Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-755",
              "description": "CWE-755: Improper Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:14",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-25662",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-755: Improper Handling of Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-25662",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-01-21T00:00:00",
    "dateUpdated": "2024-08-03T20:11:27.535Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-27383 (GCVE-0-2021-27383)

Vulnerability from cvelistv5 ā€“ Published: 2021-05-12 13:18 ā€“ Updated: 2024-08-03 20:48
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition.
Severity ?
No CVSS data available.
CWE
  • CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V15 Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V16 Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SINAMICS GH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GL150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GM150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SL150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM120 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150i Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.589Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:15",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27383",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-770: Allocation of Resources Without Limits or Throttling"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27383",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.589Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-27384 (GCVE-0-2021-27384)

Vulnerability from cvelistv5 ā€“ Published: 2021-05-12 13:18 ā€“ Updated: 2024-08-03 20:48
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution.
Severity ?
No CVSS data available.
CWE
  • CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V15 Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V16 Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SINAMICS GH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GL150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GM150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SL150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM120 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150i Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.461Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-788",
              "description": "CWE-788: Access of Memory Location After End of Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:16",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27384",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-788: Access of Memory Location After End of Buffer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27384",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.461Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-25661 (GCVE-0-2021-25661)

Vulnerability from cvelistv5 ā€“ Published: 2021-05-12 13:18 ā€“ Updated: 2024-08-03 20:11
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition.
Severity ?
No CVSS data available.
CWE
  • CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:11:27.591Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-788",
              "description": "CWE-788: Access of Memory Location After End of Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:12",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-25661",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-788: Access of Memory Location After End of Buffer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-25661",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-01-21T00:00:00",
    "dateUpdated": "2024-08-03T20:11:27.591Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-6576 (GCVE-0-2019-6576)

Vulnerability from cvelistv5 ā€“ Published: 2019-05-14 19:54 ā€“ Updated: 2024-08-04 20:23
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). An attacker with network access to affected devices could potentially obtain a TLS session key. If the attacker is able to observe TLS traffic between a legitimate user and the device, then the attacker could decrypt the TLS traffic. The security vulnerability could be exploited by an attacker who has network access to the web interface of the device and who is able to observe TLS traffic between legitimate users and the web interface of the affected device. The vulnerability could impact the confidentiality of the communication between the affected device and a legitimate user. At the time of advisory publication no public exploitation of the security vulnerability was known.
Severity ?
No CVSS data available.
CWE
Assigner
References
Impacted products
Vendor Product Version
Siemens AG SIMATIC HMI Comfort Panels 4" - 22" Affected: All versions < V15.1 Update 1
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:23:22.141Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
          },
          {
            "name": "108412",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108412"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Panels 4\" - 22\"",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\"",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Professional",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC (TIA Portal)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). An attacker with network access to affected devices could potentially obtain a TLS session key. If the attacker is able to observe TLS traffic between a legitimate user and the device, then the attacker could decrypt the TLS traffic. The security vulnerability could be exploited by an attacker who has network access to the web interface of the device and who is able to observe TLS traffic between legitimate users and the web interface of the affected device. The vulnerability could impact the confidentiality of the communication between the affected device and a legitimate user. At the time of advisory publication no public exploitation of the security vulnerability was known."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-310",
              "description": "CWE-310: Cryptographic Issues",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-24T15:26:04",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
        },
        {
          "name": "108412",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108412"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2019-6576",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Panels 4\" - 22\"",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\"",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Professional",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC (TIA Portal)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). An attacker with network access to affected devices could potentially obtain a TLS session key. If the attacker is able to observe TLS traffic between a legitimate user and the device, then the attacker could decrypt the TLS traffic. The security vulnerability could be exploited by an attacker who has network access to the web interface of the device and who is able to observe TLS traffic between legitimate users and the web interface of the affected device. The vulnerability could impact the confidentiality of the communication between the affected device and a legitimate user. At the time of advisory publication no public exploitation of the security vulnerability was known."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-310: Cryptographic Issues"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
            },
            {
              "name": "108412",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108412"
            },
            {
              "name": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-6576",
    "datePublished": "2019-05-14T19:54:48",
    "dateReserved": "2019-01-22T00:00:00",
    "dateUpdated": "2024-08-04T20:23:22.141Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-6572 (GCVE-0-2019-6572)

Vulnerability from cvelistv5 ā€“ Published: 2019-05-14 19:54 ā€“ Updated: 2024-08-04 20:23
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The affected device offered SNMP read and write capacities with a publicly know hardcoded community string. The security vulnerability could be exploited by an attacker with network access to the affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.
Severity ?
No CVSS data available.
CWE
Assigner
References
Impacted products
Vendor Product Version
Siemens AG SIMATIC HMI Comfort Panels 4" - 22" Affected: All versions < V15.1 Update 1
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:23:22.238Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
          },
          {
            "name": "108412",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108412"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Panels 4\" - 22\"",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\"",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Professional",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC (TIA Portal)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The affected device offered SNMP read and write capacities with a publicly know hardcoded community string. The security vulnerability could be exploited by an attacker with network access to the affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200: Information Exposure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-24T15:25:12",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
        },
        {
          "name": "108412",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108412"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2019-6572",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Panels 4\" - 22\"",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\"",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Professional",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC (TIA Portal)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The affected device offered SNMP read and write capacities with a publicly know hardcoded community string. The security vulnerability could be exploited by an attacker with network access to the affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-200: Information Exposure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
            },
            {
              "name": "108412",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108412"
            },
            {
              "name": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-6572",
    "datePublished": "2019-05-14T19:54:48",
    "dateReserved": "2019-01-22T00:00:00",
    "dateUpdated": "2024-08-04T20:23:22.238Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-6577 (GCVE-0-2019-6577)

Vulnerability from cvelistv5 ā€“ Published: 2019-05-14 19:54 ā€“ Updated: 2024-08-04 20:23
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify particular parts of the device configuration via SNMP. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires system privileges and user interaction. An attacker could use the vulnerability to compromise confidentiality and the integrity of the affected system. At the stage of publishing this security advisory no public exploitation is known.
Severity ?
No CVSS data available.
CWE
  • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Assigner
References
Impacted products
Vendor Product Version
Siemens AG SIMATIC HMI Comfort Panels 4" - 22" Affected: All versions < V15.1 Update 1
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:23:22.189Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
          },
          {
            "name": "108412",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108412"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Panels 4\" - 22\"",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\"",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Professional",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC (TIA Portal)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify particular parts of the device configuration via SNMP. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires system privileges and user interaction. An attacker could use the vulnerability to compromise confidentiality and the integrity of the affected system. At the stage of publishing this security advisory no public exploitation is known."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-80",
              "description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-24T15:27:02",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
        },
        {
          "name": "108412",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108412"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2019-6577",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Panels 4\" - 22\"",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\"",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Professional",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC (TIA Portal)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify particular parts of the device configuration via SNMP. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires system privileges and user interaction. An attacker could use the vulnerability to compromise confidentiality and the integrity of the affected system. At the stage of publishing this security advisory no public exploitation is known."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
            },
            {
              "name": "108412",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108412"
            },
            {
              "name": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-6577",
    "datePublished": "2019-05-14T19:54:48",
    "dateReserved": "2019-01-22T00:00:00",
    "dateUpdated": "2024-08-04T20:23:22.189Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-27386 (GCVE-0-2021-27386)

Vulnerability from nvd ā€“ Published: 2021-05-12 13:18 ā€“ Updated: 2024-08-03 20:48
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition.
Severity ?
No CVSS data available.
CWE
  • CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V15 Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V16 Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SINAMICS GH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GL150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GM150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SL150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM120 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150i Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.446Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-401",
              "description": "CWE-401: Missing Release of Memory after Effective Lifetime",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:18",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27386",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-401: Missing Release of Memory after Effective Lifetime"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27386",
    "datePublished": "2021-05-12T13:18:23",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.446Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-27385 (GCVE-0-2021-27385)

Vulnerability from nvd ā€“ Published: 2021-05-12 13:18 ā€“ Updated: 2024-08-03 20:48
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition.
Severity ?
No CVSS data available.
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V15 Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V16 Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SINAMICS GH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GL150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GM150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SL150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM120 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150i Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.474Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:17",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27385",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400: Uncontrolled Resource Consumption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27385",
    "datePublished": "2021-05-12T13:18:23",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.474Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-25660 (GCVE-0-2021-25660)

Vulnerability from nvd ā€“ Published: 2021-05-12 13:18 ā€“ Updated: 2024-08-03 20:11
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition.
Severity ?
No CVSS data available.
CWE
  • CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:11:27.734Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-788",
              "description": "CWE-788: Access of Memory Location After End of Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:11",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-25660",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-788: Access of Memory Location After End of Buffer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-25660",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-01-21T00:00:00",
    "dateUpdated": "2024-08-03T20:11:27.734Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-25662 (GCVE-0-2021-25662)

Vulnerability from nvd ā€“ Published: 2021-05-12 13:18 ā€“ Updated: 2024-08-03 20:11
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition.
Severity ?
No CVSS data available.
CWE
  • CWE-755 - Improper Handling of Exceptional Conditions
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:11:27.535Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-755",
              "description": "CWE-755: Improper Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:14",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-25662",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-755: Improper Handling of Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-25662",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-01-21T00:00:00",
    "dateUpdated": "2024-08-03T20:11:27.535Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-27383 (GCVE-0-2021-27383)

Vulnerability from nvd ā€“ Published: 2021-05-12 13:18 ā€“ Updated: 2024-08-03 20:48
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition.
Severity ?
No CVSS data available.
CWE
  • CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V15 Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V16 Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SINAMICS GH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GL150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GM150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SL150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM120 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150i Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.589Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:15",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27383",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-770: Allocation of Resources Without Limits or Throttling"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27383",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.589Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-27384 (GCVE-0-2021-27384)

Vulnerability from nvd ā€“ Published: 2021-05-12 13:18 ā€“ Updated: 2024-08-03 20:48
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution.
Severity ?
No CVSS data available.
CWE
  • CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V15 Affected: All versions < V15.1 Update 6
Create a notification for this product.
    Siemens SIMATIC WinCC Runtime Advanced V16 Affected: All versions < V16 Update 4
Create a notification for this product.
    Siemens SINAMICS GH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GL150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS GM150 (with option X30) Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SH150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SL150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM120 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150 Affected: All versions
Create a notification for this product.
    Siemens SINAMICS SM150i Affected: All versions
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.461Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-788",
              "description": "CWE-788: Access of Memory Location After End of Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:16",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27384",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-788: Access of Memory Location After End of Buffer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27384",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.461Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-25661 (GCVE-0-2021-25661)

Vulnerability from nvd ā€“ Published: 2021-05-12 13:18 ā€“ Updated: 2024-08-03 20:11
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition.
Severity ?
No CVSS data available.
CWE
  • CWE-788 - Access of Memory Location After End of Buffer
Assigner
References
Impacted products
Vendor Product Version
Siemens SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) Affected: All versions < V15.1 Update 6
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:11:27.591Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-788",
              "description": "CWE-788: Access of Memory Location After End of Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:12",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-25661",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-788: Access of Memory Location After End of Buffer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-25661",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-01-21T00:00:00",
    "dateUpdated": "2024-08-03T20:11:27.591Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-6576 (GCVE-0-2019-6576)

Vulnerability from nvd ā€“ Published: 2019-05-14 19:54 ā€“ Updated: 2024-08-04 20:23
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). An attacker with network access to affected devices could potentially obtain a TLS session key. If the attacker is able to observe TLS traffic between a legitimate user and the device, then the attacker could decrypt the TLS traffic. The security vulnerability could be exploited by an attacker who has network access to the web interface of the device and who is able to observe TLS traffic between legitimate users and the web interface of the affected device. The vulnerability could impact the confidentiality of the communication between the affected device and a legitimate user. At the time of advisory publication no public exploitation of the security vulnerability was known.
Severity ?
No CVSS data available.
CWE
Assigner
References
Impacted products
Vendor Product Version
Siemens AG SIMATIC HMI Comfort Panels 4" - 22" Affected: All versions < V15.1 Update 1
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:23:22.141Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
          },
          {
            "name": "108412",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108412"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Panels 4\" - 22\"",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\"",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Professional",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC (TIA Portal)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). An attacker with network access to affected devices could potentially obtain a TLS session key. If the attacker is able to observe TLS traffic between a legitimate user and the device, then the attacker could decrypt the TLS traffic. The security vulnerability could be exploited by an attacker who has network access to the web interface of the device and who is able to observe TLS traffic between legitimate users and the web interface of the affected device. The vulnerability could impact the confidentiality of the communication between the affected device and a legitimate user. At the time of advisory publication no public exploitation of the security vulnerability was known."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-310",
              "description": "CWE-310: Cryptographic Issues",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-24T15:26:04",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
        },
        {
          "name": "108412",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108412"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2019-6576",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Panels 4\" - 22\"",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\"",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Professional",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC (TIA Portal)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). An attacker with network access to affected devices could potentially obtain a TLS session key. If the attacker is able to observe TLS traffic between a legitimate user and the device, then the attacker could decrypt the TLS traffic. The security vulnerability could be exploited by an attacker who has network access to the web interface of the device and who is able to observe TLS traffic between legitimate users and the web interface of the affected device. The vulnerability could impact the confidentiality of the communication between the affected device and a legitimate user. At the time of advisory publication no public exploitation of the security vulnerability was known."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-310: Cryptographic Issues"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
            },
            {
              "name": "108412",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108412"
            },
            {
              "name": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-6576",
    "datePublished": "2019-05-14T19:54:48",
    "dateReserved": "2019-01-22T00:00:00",
    "dateUpdated": "2024-08-04T20:23:22.141Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-6572 (GCVE-0-2019-6572)

Vulnerability from nvd ā€“ Published: 2019-05-14 19:54 ā€“ Updated: 2024-08-04 20:23
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The affected device offered SNMP read and write capacities with a publicly know hardcoded community string. The security vulnerability could be exploited by an attacker with network access to the affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.
Severity ?
No CVSS data available.
CWE
Assigner
References
Impacted products
Vendor Product Version
Siemens AG SIMATIC HMI Comfort Panels 4" - 22" Affected: All versions < V15.1 Update 1
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:23:22.238Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
          },
          {
            "name": "108412",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108412"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Panels 4\" - 22\"",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\"",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Professional",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC (TIA Portal)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The affected device offered SNMP read and write capacities with a publicly know hardcoded community string. The security vulnerability could be exploited by an attacker with network access to the affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200: Information Exposure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-24T15:25:12",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
        },
        {
          "name": "108412",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108412"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2019-6572",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Panels 4\" - 22\"",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\"",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Professional",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC (TIA Portal)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The affected device offered SNMP read and write capacities with a publicly know hardcoded community string. The security vulnerability could be exploited by an attacker with network access to the affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-200: Information Exposure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
            },
            {
              "name": "108412",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108412"
            },
            {
              "name": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-6572",
    "datePublished": "2019-05-14T19:54:48",
    "dateReserved": "2019-01-22T00:00:00",
    "dateUpdated": "2024-08-04T20:23:22.238Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-6577 (GCVE-0-2019-6577)

Vulnerability from nvd ā€“ Published: 2019-05-14 19:54 ā€“ Updated: 2024-08-04 20:23
VLAI?
Summary
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify particular parts of the device configuration via SNMP. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires system privileges and user interaction. An attacker could use the vulnerability to compromise confidentiality and the integrity of the affected system. At the stage of publishing this security advisory no public exploitation is known.
Severity ?
No CVSS data available.
CWE
  • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Assigner
References
Impacted products
Vendor Product Version
Siemens AG SIMATIC HMI Comfort Panels 4" - 22" Affected: All versions < V15.1 Update 1
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:23:22.189Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
          },
          {
            "name": "108412",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108412"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Panels 4\" - 22\"",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\"",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Professional",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC (TIA Portal)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify particular parts of the device configuration via SNMP. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires system privileges and user interaction. An attacker could use the vulnerability to compromise confidentiality and the integrity of the affected system. At the stage of publishing this security advisory no public exploitation is known."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-80",
              "description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-24T15:27:02",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
        },
        {
          "name": "108412",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108412"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2019-6577",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Panels 4\" - 22\"",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\"",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Professional",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC (TIA Portal)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify particular parts of the device configuration via SNMP. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires system privileges and user interaction. An attacker could use the vulnerability to compromise confidentiality and the integrity of the affected system. At the stage of publishing this security advisory no public exploitation is known."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
            },
            {
              "name": "108412",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108412"
            },
            {
              "name": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-6577",
    "datePublished": "2019-05-14T19:54:48",
    "dateReserved": "2019-01-22T00:00:00",
    "dateUpdated": "2024-08-04T20:23:22.189Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}