Vulnerability-Lookup - Search a vulnerability

Vulnerability from fkie_nvd

Published

2021-05-12 14:15

Modified

2024-11-21 05:57

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition.

References

URL	Tags
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf	Vendor Advisory
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf	Vendor Advisory
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	Vendor Advisory
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	Vendor Advisory
productcert@siemens.com	https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12	Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
siemens	simatic_wincc_runtime_advanced	*
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_wincc_runtime_advanced	16
siemens	sinamics_sh150_firmware	*
siemens	sinamics_sh150	-
siemens	sinamics_sm150i_firmware	*
siemens	sinamics_sm150i	-
siemens	sinamics_gh150_firmware	*
siemens	sinamics_gh150	-
siemens	sinamics_gl150_firmware	*
siemens	sinamics_gl150	-
siemens	sinamics_gm150_firmware	*
siemens	sinamics_gm150	-
siemens	sinamics_sl150_firmware	*
siemens	sinamics_sl150	-
siemens	sinamics_sm120_firmware	*
siemens	sinamics_sm120	-
siemens	sinamics_sm150_firmware	*
siemens	sinamics_sm150	-
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"	-
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"	-
siemens	simatic_hmi_comfort_panels_4\"_firmware	*
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"	-
siemens	simatic_hmi_comfort_panels_22\"_firmware	*
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"	-
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"	-
siemens	simatic_hmi_comfort_panels_4\"_firmware	*
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"	-
siemens	simatic_hmi_comfort_panels_22\"_firmware	*
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-
siemens	simatic_wincc_runtime_advanced	*
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0891D85-C5F4-4CD2-8EFA-84356CE36654",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "E0005A53-33AD-47AF-B172-CAF423DE213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "9696B0D9-5A66-4747-9437-791EAC150DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "F6AC2BA5-1668-4B71-8812-925AC6554F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "047D0868-3DA6-41CF-A6F9-D15668D536FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F1FAFD2-1E4D-44F3-87A1-8A1380B980BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC7AA8D-9046-4111-A263-38343997F984",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150i_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6067521-A21D-4B2A-AFB2-2E033F66B63E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A44DEAD8-8DB8-41CC-9495-B842BE76EA8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BF9157D-0089-4569-9AA1-4DEE94140D25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF977545-395A-4C34-BB22-A1047B5B6E85",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D780400-0AA8-449C-B754-7167CA878D3D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DED7F33B-D475-4232-8683-48554A6729F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61CD50EE-6C46-445E-8D46-82768CAAC305",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD76CFB0-B5D7-40DC-8D14-FC9C9BACF3CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E032554B-7F51-4482-AF55-743FFB5AC352",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6619B0F-7CDC-40A6-89B2-C6067AF45214",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm120_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFE3048-EEB0-48A0-BED0-8647284B022B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444DD77F-DB65-4766-A89D-7A679B4CA1E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B7E1DE-61B5-4CFC-8640-EB8029CD79D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE231E2-2B2B-407A-BF7A-9EA35F394229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "244D9B27-649C-4983-B374-6A8774771AC5",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "A2530BB3-484C-4D24-82F6-15967C8B7B32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A1FACE-E693-4FDA-944D-0B7F500007B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7FB4AA4-1F48-4A25-AA21-5F867A38D23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "6A673BD0-96B5-48CA-B060-A5D01687A764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "428B633D-55FF-4DB8-B6DD-5E4EEE52A44C",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A64DD-22A2-4260-929F-7595CD037823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "9756D206-E295-4B0C-B159-F9A953342E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "82D6FBBF-FD9B-4AFA-B3E1-8E3341948A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D43D2191-DBBD-4F7A-B02A-3DCEE46BF904",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "23C6AD3C-C15B-4B67-88D1-236C10BB12CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE4201E-E660-4B3E-91EC-B6A7DC35C189",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2D6D924-858A-4542-BCD0-A5631F941039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "309E4D56-6D39-4E8F-8312-FF178B721392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EDB63639-3101-4F60-8193-EF219D99C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4C6C83EE-3DC7-4CB3-8148-CB24A825274E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6C72B0-17D7-491E-816A-AF855166A90B",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "322584EF-72C0-4032-A02B-FDFFDCCE3FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5F1BA-2BEA-40A9-8D5B-A612D467C40C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D14DE5C7-318A-4D08-BB39-1E43F624816A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "FCDAF23F-9272-4DC5-8D46-37FAC08950CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FB0305-DF87-42FF-BACA-E8255EA74AA9",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BAA5B299-A45A-4918-AB8F-03A476CEDA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0C29FD64-C041-4269-BC52-8F91321BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7182C6C0-7DAD-4446-B14E-8EF46FB0CFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F972-26AF-4A6E-AAD9-B30EBDF52465",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B8F3D-5E02-4F0F-9927-9D7C336EBE56",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "845C78A9-AE0F-42B9-9E25-47F541DF5196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B23096F5-3546-41D8-BE30-8698BC0C9B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7C5AF13-69FF-444F-B84A-130D7413B307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "66A17FC6-B6AE-4915-8069-68B41F3C87E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C618736-1382-4515-A295-6EC67A2731EA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AD5A8-768E-4747-AD89-B924D369565E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FD1E4-4A01-4BFB-9D2A-5A030C37BD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5C3DC-E67F-4773-B32C-6B362C94BCBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "C96C7676-9A0D-46B5-9C49-5F5CE873E2C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF42C3EA-84A5-4419-ACBA-6A2F8DB994E2",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "105CCE4B-D8F9-43EA-9089-CEE16A410751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "7C163E7E-C9E3-4FBD-885A-C2E7FB8B845F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3DD84-BDAC-4583-BD61-799A5F01A5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F6758-0B36-4546-A7A7-A4C71B63772E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A613F7-4EA4-40FF-931F-EF3C477300DA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "4B048552-A26D-419E-9EEA-9AFD9457B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0E4E1016-F217-4B75-83D7-F73B1C5A54F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EF2F6982-2C38-4F9B-87A4-AE4404197B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "7745AA84-BC12-4DBD-90A6-DA294EADB7BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CFFD89-1FF2-4F25-A5AB-D6FF8F721132",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA4B198A-8288-459D-9586-CD402DE23023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FDB83-702A-41D5-B2A5-BDA58B7E13D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D972823A-1128-4222-8910-9CA3D38B472F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A05007D7-3C49-4192-ABDF-FE94BA7FD1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "869AD837-79B1-4F76-947B-7DCAD172BDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "5C152EB8-A13A-4F16-994A-B6D93A017CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F38FBA-7D23-4CB2-9A2D-45616E2A2DFB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "553C9A57-A9D2-47F9-ABA8-042B05DE46C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "8F5F3B33-2A82-4CDF-A678-76DE13F256D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "9FE49F2D-B904-4E48-AAFD-669141B570F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "729F784C-9AC0-4231-A75A-1FA8373FA31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "FA61AC05-061D-4EE7-BFEF-568F30B9B883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "374BAF2F-0A32-4F1A-B838-894F9E9D3E0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C636FCD-78AE-4FA2-95E5-2BBD5A88DA68",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "FDE42199-9152-41A3-BE56-E6789315CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "040F990F-F3C2-46EF-9E40-FD136A19575F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "748BFFBC-56BD-42EC-9B5F-0752D2A70D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B37490B0-A214-4A62-9B67-934048921C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "3D7B9F45-5749-4F36-961D-6C5D650ADA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F544593D-368B-4EC1-8448-8C2BA1301216",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D26D9F-7081-42B2-8AE4-D04E8429B88D",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F902732-9944-4821-BCFB-9937D1301FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B0C061AC-3E64-4667-A0E7-DD58B2E5A014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "3EECF743-25E8-4483-AA68-B304B38A9290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2F557157-AAD6-4601-84C2-2F8574F23683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A6BF6644-AF29-4541-9D6A-D07D0CC026F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "C4FD5396-8094-4DD0-BE7B-0FB6CC6D45F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5B130C2-28B8-464C-981C-B5662B4B4309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "79407355-4181-4082-A661-C27734D95363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "8989C7D4-5246-443E-B6E4-8E91462B2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "2BFBC5B2-B00B-4FCD-86B1-A187122035AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B47671A7-A8DB-4DA2-9076-78708C7F1C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F36ABC58-C9FE-4F4A-AB81-26D48A79FFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "A87DD9FF-9CA3-4AE2-8C86-C30A779E0CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "891AF48F-1F4D-4AB8-AE66-FBABDD2CAA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5052CB07-626A-46C4-8966-B8C9325A3BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "6CD47CC7-1414-42C9-94C6-9DBC2C1D9CBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "81CE70BF-EBBE-4CD7-999C-25662670EFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "034B7CFC-1234-4914-8C84-7E5BD5FB6E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "221EB3AE-1420-46F8-9EAD-1914503B0435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5F9A416C-277F-44B0-A74C-263CB0C37D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "FA858127-69A0-4280-80A8-65E0778A90AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A35D0B0C-695D-4274-8B9E-69ED20B62585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "FE9C9981-BA54-48BB-A89D-3CA06C7E17C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "EA400339-123F-494A-8CD8-7232281E7D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "C8E943A5-E35C-4CFA-8998-A74385C8740B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F4D7038E-C705-4FB9-A2D3-82FFC8EE80CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AA0728BD-F463-456C-A6EB-9FF2FD42AA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0B884-C99A-4854-992F-8588840CC296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04BA4916-5693-4915-B4D7-29D97FA02474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "DC588CE7-1F9D-43EF-A478-C23C8D909685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "2DE08529-E210-48C1-A7C3-D2D316902A40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "8104E528-ED7D-451E-8834-057295A7FF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0AF02DF4-7190-4F6C-8F15-37581FFC9B86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (Todas las versiones anteriores a V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (Todas las versiones anteriores a V16 Update 4), SINAMICS GH150 (Todas las versiones), SINAMICS GL150 (con opci\u00f3n X30) (Todas las versiones), SINAMICS GM150 (con opci\u00f3n X30) (Todas las versiones), SINAMICS SH150 (Todas las versiones), SINAMICS SL150 (Todas las versiones), SINAMICS SM120 (Todas las versiones), SINAMICS SM150 (Todas las versiones), SINAMICS SM150i (Todas las versiones). SmartVNC presenta una vulnerabilidad de fuga de asignaci\u00f3n de la pila en el manejador de dise\u00f1o del dispositivo en el lado del cliente, lo que podr\u00eda resultar en una condici\u00f3n de Denegaci\u00f3n de Servicio"
    }
  ],
  "id": "CVE-2021-27386",
  "lastModified": "2024-11-21T05:57:53.533",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-12T14:15:11.767",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-04-17 14:29

Modified

2024-11-21 04:46

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device.

References

URL	Tags
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf	Vendor Advisory
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf	Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	cp1604_firmware	*
siemens	cp1604	-
siemens	cp1616_firmware	*
siemens	cp1616	-
siemens	simatic_rf185c_firmware	*
siemens	simatic_rf185c	-
siemens	simatic_cp343-1_advanced_firmware	*
siemens	simatic_cp343-1_advanced	-
siemens	simatic_cp443-1_firmware	*
siemens	simatic_cp443-1	-
siemens	simatic_cp443-1_advanced_firmware	*
siemens	simatic_cp443-1_advanced	-
siemens	simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmware	*
siemens	simatic_et_200_sp_open_controller_cpu_1515sp_pc	-
siemens	simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmware	*
siemens	simatic_et_200_sp_open_controller_cpu_1515sp_pc2	-
siemens	simatic_hmi_comfort_outdoor_panels_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels	-
siemens	simatic_hmi_comfort_panels_firmware	*
siemens	simatic_hmi_comfort_panels_firmware	15.1
siemens	simatic_hmi_comfort_panels	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-
siemens	simatic_cp443-1_opc_ua	*
siemens	simatic_ipc_diagmonitor	*
siemens	simatic_s7-1500_software_controller	*
siemens	simatic_s7-plcsim_advanced	*
siemens	simatic_s7-plcsim_advanced	2.0
siemens	simatic_s7-plcsim_advanced	2.0
siemens	simatic_wincc_runtime_advanced	*
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	sitop_manager	*
siemens	simatic_rf600r_firmware	*
siemens	simatic_rf600r	-
siemens	simatic_rf188c_firmware	*
siemens	simatic_rf188c	-
siemens	simatic_rf186c_firmware	*
siemens	simatic_rf186c	-
siemens	simatic_rf182c_firmware	*
siemens	simatic_rf182c	-
siemens	simatic_rf181-eip_firmware	*
siemens	simatic_rf181-eip	-
siemens	simatic_s7-1500_firmware	*
siemens	simatic_s7-1500	-
siemens	simatic_s7-300_firmware	*
siemens	simatic_s7-300	-
siemens	simatic_s7-400_pn_firmware	*
siemens	simatic_s7-400_pn	-
siemens	simatic_s7-400_pn\/dp_firmware	*
siemens	simatic_s7-400_pn\/dp	-
siemens	simatic_teleservice_adapter_ie_advanced_firmware	*
siemens	simatic_teleservice_adapter_ie_advanced	-
siemens	simatic_teleservice_adapter_ie_basic_firmware	*
siemens	simatic_teleservice_adapter_ie_basic	-
siemens	simatic_teleservice_adapter_ie_standard_firmware	*
siemens	simatic_teleservice_adapter_ie_standard	-
siemens	simatic_winac_rtx_firmware	*
siemens	simatic_winac_rtx_firmware	2010
siemens	simatic_winac_rtx	-
siemens	simocode_pro_v_eip_firmware	*
siemens	simocode_pro_v_eip	-
siemens	simocode_pro_v_pn_firmware	*
siemens	simocode_pro_v_pn	-
siemens	sinamics_g130_firmware	*
siemens	sinamics_g130	-
siemens	sinamics_g150_firmware	*
siemens	sinamics_g150	-
siemens	sinamics_s120_firmware	*
siemens	sinamics_s120	-
siemens	sinamics_s150_firmware	*
siemens	sinamics_s150_firmware	5.1
siemens	sinamics_s150_firmware	5.1
siemens	sinamics_s150_firmware	5.1
siemens	sinamics_s150	-
siemens	sinamics_s210_firmware	*
siemens	sinamics_s210_firmware	5.1
siemens	sinamics_s210_firmware	5.1
siemens	sinamics_s210	-
siemens	sitop_psu8600_firmware	*
siemens	sitop_psu8600	-
siemens	sitop_ups1600_firmware	*
siemens	sitop_ups1600	-
siemens	tim_1531_irc_firmware	*
siemens	tim_1531_irc	-
siemens	simatic_s7-1500f_firmware	*
siemens	simatic_s7-1500f	-
siemens	simatic_s7-1500s_firmware	*
siemens	simatic_s7-1500s	-
siemens	simatic_s7-1500t_firmware	*
siemens	simatic_s7-1500t	-
siemens	sinamics_gh150_firmware	*
siemens	sinamics_gh150_firmware	4.8
siemens	sinamics_gh150	-
siemens	sinamics_gl150_firmware	*
siemens	sinamics_gl150_firmware	4.8
siemens	sinamics_gl150	-
siemens	sinamics_gm150_firmware	*
siemens	sinamics_gm150_firmware	4.8
siemens	sinamics_gm150	-
siemens	sinamics_sl150_firmware	*
siemens	sinamics_sl150_firmware	4.8
siemens	sinamics_sl150	-
siemens	sinamics_sm120_firmware	*
siemens	sinamics_sm120_firmware	4.8
siemens	sinamics_sm120	-
siemens	sinamics_sm150_firmware	*
siemens	sinamics_sm150_firmware	5.1
siemens	sinamics_sm150	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cp1604_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E737620D-9D00-4151-B232-7DFB7FD768B3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cp1604:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222006F-09D7-49F7-B8C7-4D94298A8F6A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cp1616_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "65FE6F54-1457-4EB6-9273-1D93B3B97386",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cp1616:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "184365A2-BAD2-4926-ACEE-F71E018D3CE5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69EE2BF6-3846-478F-9AC6-BEF34617F3B5",
              "versionEndExcluding": "1.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_cp343-1_advanced_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E6601B8-E032-4B39-BF65-F25CF047EB99",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_cp343-1_advanced:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACCC0229-E454-4BEF-931A-3CD820500822",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_cp443-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2035A020-F41E-4FC7-A290-9923574D4921",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_cp443-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB8636E9-A3DA-4DDC-A3FC-B3EAAD07952E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_cp443-1_advanced_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD15638-8B84-4DA2-9DDC-9A1CA3548E91",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_cp443-1_advanced:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFE94F56-71DB-4837-9818-6827C80DE2BC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1873751-81F4-4732-B30F-9F2DEECBC110",
              "versionEndExcluding": "2.1.6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5678E-9EAA-441A-AC77-94F824D64AEE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F36AC571-C958-4CB8-91D9-5417C1812C02",
              "versionEndExcluding": "2.7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00361A3C-60E9-4365-BB51-09D7792C441D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299F88D-8885-4871-93E1-CBEFD3156B15",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "F18EA7BD-47D0-4367-8F18-C89239B201E3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4830E0D-0128-4E5B-AB81-2B238471AE4B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "865FD012-F390-4BB8-B14F-533840B95512",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5418D916-49A6-4B79-A653-E2C5221DEBE8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BCFE761-35C9-43EF-85BC-E8083B9F75CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_cp443-1_opc_ua:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "56396833-12BF-4AE5-8D3E-695652A99DBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_ipc_diagmonitor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FD49A39-47D7-473C-9E46-6D9246BC6D04",
              "versionEndExcluding": "5.1.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_s7-1500_software_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11C0A94D-5506-4A75-99E1-CA9769AF057C",
              "versionEndExcluding": "2.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B66A2A4-5062-45F8-A615-2DA716650909",
              "versionEndExcluding": "2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:2.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "AED3A3AF-EF77-4E58-91AD-BBE01E1DA4A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:2.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "23039930-E45C-4B0E-883A-E2F9A7502984",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sitop_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2662688E-6975-46C7-939B-25FF4790518D",
              "versionEndExcluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf600r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16CBED3D-892A-4EC0-BE2E-358040C34304",
              "versionEndExcluding": "3.2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf600r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFA55275-691D-4269-93E4-C559C89E3FA3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25F96DAA-696D-4EB4-97DF-986C7681700B",
              "versionEndExcluding": "1.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF8FFD1C-8E33-48E9-A884-B80311F8BA4C",
              "versionEndExcluding": "1.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf182c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FC4F972-3A3B-421C-8D62-9C5C4D1992CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf182c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7540DAD9-2AAC-46A9-B1C5-BB1AC4FCE710",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf181-eip_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFA94867-4367-4186-8A4B-44C3CBCCEF7F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf181-eip:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E10A0D57-8805-44DB-95E3-1B240ED5ED09",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE766CD-695B-4A12-8BC5-3743D8E3D73E",
              "versionEndExcluding": "2.6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "30DDEA9B-E1BF-4572-8E12-D13C54603E77",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-300_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9461CADE-1624-4D1B-8CF2-CF65F75071C0",
              "versionEndExcluding": "3.3.17",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EFD4E99-5C66-443F-8B6F-FA01C895DE78",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-400_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2219FE-2C3F-4948-85D6-3C53AC08722B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-400_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "795D0FF9-1D0B-4C74-BEF3-58EAE74DFA0C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-400_pn\\/dp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC917346-94F6-44FD-AC00-AED0CF3CBBD1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-400_pn\\/dp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F60D816D-85A5-4971-AF2D-666AE0B74E9E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_advanced_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8E76BDE-C7E9-4D6B-B5D9-A456516CD016",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_advanced:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71DA3D1A-E435-418F-9A13-945B4BA15FC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_basic_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "80D166A8-1EEC-42F4-8EAB-1747247A7A05",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_basic:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFA520B6-5177-43E4-87C0-C215F79FE9B4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_standard_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C887573-8BE8-42CF-B35A-22F9311AC627",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_standard:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A5A3F7E-D039-430F-89B0-6AB4FD2428D4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_winac_rtx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "80BDBB38-20D2-48C3-8B58-62C2D8CC00B8",
              "versionEndExcluding": "2010",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_winac_rtx_firmware:2010:-:*:*:*:*:*:*",
              "matchCriteriaId": "EA59D713-F342-4CDA-BDC8-108352D385DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_winac_rtx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA5ADAB0-3985-4933-8CDD-D1546D8271CC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simocode_pro_v_eip_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A001968-C7FD-4C11-8439-11532B234CC2",
              "versionEndExcluding": "1.1.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simocode_pro_v_eip:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50BDA360-0D33-42DC-ADB9-2F69503C2CD8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simocode_pro_v_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15CB26DA-7CA0-4BD6-A219-01F6E8A6F03F",
              "versionEndExcluding": "2.1.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simocode_pro_v_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1779AE78-AC90-48BE-8FF2-CC11E7CA3CB4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_g130_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "856768D2-C096-4CA7-B26F-E94B005C0D79",
              "versionEndExcluding": "5.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_g130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "373DBE44-AC28-4D04-93BB-35CD8C60E899",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_g150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C579C2C7-0402-46B2-A770-C3B7F71D1096",
              "versionEndExcluding": "5.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_g150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2296CA65-0E89-4BCB-8003-E7212BF1F585",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "03F9CBC3-B2B3-4FA7-963D-A8F3AE6D8EA0",
              "versionEndExcluding": "5.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_s120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5A824BD-935F-4E53-8313-C5544B0489C7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_s150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "126AC93E-A39F-4754-9707-207C9F2F64F4",
              "versionEndExcluding": "5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_s150_firmware:5.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "3E8BCCED-BDC6-4785-8705-799836E5024E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_s150_firmware:5.1:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "098262CC-4D3B-4E55-83C3-2816403C553B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_s150_firmware:5.1:sp1_hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "6092F899-9A89-4FA4-BD80-97511DF7CF8F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_s150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D48682C-A39D-4A09-B904-50FA64A9D2A5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7269713-6505-41DF-B85B-F729E24A3F5B",
              "versionEndExcluding": "5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:5.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BEBF14B3-65A0-41E9-B99C-D88548F307CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:5.1:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F151297C-3097-483F-98B5-0261BD547421",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_s210:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BFA8FB3-12A9-4D2E-BCFD-C66313521C80",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sitop_psu8600_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F389808-001E-4650-86B2-00A72D25BCD0",
              "versionEndExcluding": "1.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sitop_psu8600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "55058209-8AE5-42AF-80D4-5A7A44307266",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sitop_ups1600_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD39CC96-ABE3-4854-A102-36AFE1F6CB14",
              "versionEndExcluding": "2.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sitop_ups1600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FC1A64E-6A27-4F91-8A13-829E0F7D8E80",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:tim_1531_irc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B023E75A-B76D-4FD8-9660-1F233092160F",
              "versionEndExcluding": "2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1D94BEB-BBFB-4258-9835-87DBBB999239",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1500f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9C47A4A-BE81-499A-AB36-491661B88693",
              "versionEndExcluding": "2.6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1500f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A255BC06-2776-4111-A525-76B17371B295",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1500s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A446D2-39ED-4635-AAA0-85D977F600FE",
              "versionEndExcluding": "2.6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1500s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1752A2A-0034-4E00-AAC6-FA15345D7A41",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1500t_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5238622A-BCAD-4A06-9920-49BECFDDC2A6",
              "versionEndExcluding": "2.6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1500t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "741B2C38-174C-49DF-98D8-F7D6F49D1CE5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E231DE7-8B8D-41A3-A163-CE8EF50AF9D0",
              "versionEndExcluding": "4.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gh150_firmware:4.8:-:*:*:*:*:*:*",
              "matchCriteriaId": "6D076504-AFE3-4C51-80E5-C5992CA7D511",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF977545-395A-4C34-BB22-A1047B5B6E85",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3653DA37-DB23-41E0-8CE8-838E384AA40A",
              "versionEndExcluding": "4.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gl150_firmware:4.8:-:*:*:*:*:*:*",
              "matchCriteriaId": "0F86A334-10F9-4DFB-A421-CBCAFD86C8C2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DED7F33B-D475-4232-8683-48554A6729F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E25804D-D943-4C2A-9C78-AAC61F7BA4FF",
              "versionEndExcluding": "4.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gm150_firmware:4.8:-:*:*:*:*:*:*",
              "matchCriteriaId": "06B69CD4-3AEC-4014-81DB-33805A44A5D3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD76CFB0-B5D7-40DC-8D14-FC9C9BACF3CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD67D30A-8681-41AE-B248-7E50BA1B9FC8",
              "versionEndExcluding": "4.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sl150_firmware:4.8:-:*:*:*:*:*:*",
              "matchCriteriaId": "FCC0EE8B-1088-46B6-992A-B8E12A7B7DC2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6619B0F-7CDC-40A6-89B2-C6067AF45214",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm120_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "31393A1B-4DBC-476D-875E-463B4B887E1B",
              "versionEndExcluding": "4.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm120_firmware:4.8:-:*:*:*:*:*:*",
              "matchCriteriaId": "0206F9F2-27C7-4D2F-817B-13F8FA31E547",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444DD77F-DB65-4766-A89D-7A679B4CA1E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC70D596-AA1E-4196-87B0-BECEE6568AA7",
              "versionEndExcluding": "5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150_firmware:5.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "1E81CDB5-122F-48D1-B9F1-4C401D46D978",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE231E2-2B2B-407A-BF7A-9EA35F394229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The webserver of the affected devices contains a vulnerability that may lead to\r\na denial of service condition. An attacker may cause a denial of service\r\nsituation which leads to a restart of the webserver of the affected device.\r\n\r\nThe security vulnerability could be exploited by an attacker with network\r\naccess to the affected systems. Successful exploitation requires no system\r\nprivileges and no user interaction. An attacker could use the vulnerability\r\nto compromise availability of the device."
    },
    {
      "lang": "es",
      "value": "SIPLUS), paneles exteriores SIMATIC HMI Comfort de 7\" y 15\" (incl. variantes SIPLUS), paneles SIMATIC HMI Comfort de 4\" - 22\" (incl. variantes SIPLUS), paneles SIMATIC ET 200SP Open Controller CPU 1515SP PC SIPLUS), paneles m\u00f3viles SIMATIC HMI KTP KTP400F, KTP700, KTP700F, KTP900 y KTP900F, SIMATIC IPC DiagMonitor, SIMATIC RF182C, SIMATIC RF185C, SIMATIC RF186C, SIMATIC RF188C, familia SIMATIC RF600R, familia de CPUs SIMATIC S7-1500 (incl. CPUs ET200 y variantes SIPLUS), controlador de software SIMATIC S7-1500, familia de CPUs SIMATIC S7-300 (incluidas las CPUs ET200 y variantes SIPLUS), familia de CPUs SIMATIC S7-400 PN/DP V6 e inferiores (incluidas las variantes SIPLUS), familia de CPUs SIMATIC S7-400 PN/DP V7 (incluidas las variantes SIPLUS) SIPLUS), SIMATIC S7-PLCSIM Advanced, SIMATIC Teleservice Adapter IE Advanced, SIMATIC Teleservice Adapter IE Basic, SIMATIC Teleservice Adapter IE Standard, SIMATIC WinAC RTX (F) 2010, SIMATIC WinCC Runtime Advanced, SIMOCODE pro V EIP (incl. SIPLUS), SIMOCODE pro V PN (incl. variantes SIPLUS), SINAMICS G130 V4.6 Control Unit, SINAMICS G130 V4.7 Control Unit, SINAMICS G130 V4.7 SP1 Control Unit, SINAMICS G130 V4.8 Control Unit, SINAMICS G130 V5.1 Control Unit, SINAMICS G130 V5. 1 SP1 Unidad de control, SINAMICS G150 V4.6 Unidad de control, SINAMICS G150 V4.7 Unidad de control, SINAMICS G150 V4.7 SP1 Unidad de control, SINAMICS G150 V4.8 Unidad de control, SINAMICS G150 V5. 1 Unidad de control, SINAMICS G150 V5.1 SP1 Unidad de control, SINAMICS GH150 V4.7 (Unidad de control), SINAMICS GH150 V4.8 (Unidad de control), SINAMICS GL150 V4.7 (Unidad de control), SINAMICS GL150 V4. 8 (Unidad de control), SINAMICS GM150 V4.7 (Unidad de control), SINAMICS GM150 V4.8 (Unidad de control), SINAMICS S120 V4.6 Unidad de control (incl. variantes SIPLUS), SINAMICS S120 V4.7 Unidad de control (incl. variantes SIPLUS) SIPLUS), SINAMICS S120 V4.7 SP1 (incl. variantes SIPLUS), SINAMICS S120 V4.8 (incl. variantes SIPLUS), SINAMICS S120 V5.1 (incl. variantes SIPLUS) SIPLUS), SINAMICS S120 V5.1 SP1 Unidad de Control (incl. variantes SIPLUS), SINAMICS S150 V4.6 Unidad de Control, SINAMICS S150 V4.7 Unidad de Control, SINAMICS S150 V4.7 SP1 Unidad de Control, SINAMICS S150 V4. 8 Unidad de control, SINAMICS S150 V5.1 Unidad de control, SINAMICS S150 V5.1 SP1 Unidad de control, SINAMICS S210 V5.1 Unidad de control, SINAMICS S210 V5.1 SP1 Unidad de control, SINAMICS SL150 V4. 7 (Unidad de Control), SINAMICS SL150 V4.8 (Unidad de Control), SINAMICS SM120 V4.7 (Unidad de Control), SINAMICS SM120 V4.8 (Unidad de Control), SINAMICS SM150 V4. 8 (unidad de control), SIPLUS NET CP 343-1 Advanced, SIPLUS NET CP 443-1, SIPLUS NET CP 443-1 Advanced, SITOP Manager, SITOP PSU8600, SITOP UPS1600 (incl. variantes SIPLUS), TIM 1531 IRC (incl. variantes SIPLUS NET). El servidor web de los dispositivos afectados contiene una vulnerabilidad que puede conducir a una condici\u00f3n de denegaci\u00f3n de servicio. Un atacante puede provocar una situaci\u00f3n de denegaci\u00f3n de servicio que lleve a reiniciar el servidor web del dispositivo afectado. La vulnerabilidad de seguridad podr\u00eda ser explotada por un atacante con acceso a la red de los sistemas afectados. La explotaci\u00f3n exitosa no requiere privilegios del sistema ni interacci\u00f3n del usuario. Un atacante podr\u00eda utilizar la vulnerabilidad para comprometer la disponibilidad del dispositivo"
    }
  ],
  "id": "CVE-2019-6568",
  "lastModified": "2024-11-21T04:46:42.773",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Secondary"
      }
    ]
  },
  "published": "2019-04-17T14:29:03.683",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-05-14 20:29

Modified

2024-11-21 04:46

Severity ?

5.4 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify particular parts of the device configuration via SNMP. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires system privileges and user interaction. An attacker could use the vulnerability to compromise confidentiality and the integrity of the affected system. At the stage of publishing this security advisory no public exploitation is known.

References

URL	Tags
productcert@siemens.com	http://www.securityfocus.com/bid/108412
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf	Vendor Advisory
productcert@siemens.com	https://www.us-cert.gov/ics/advisories/ICSA-19-134-09
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108412
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.us-cert.gov/ics/advisories/ICSA-19-134-09

Impacted products

Vendor	Product	Version
siemens	simatic_hmi_comfort_panels_firmware	*
siemens	simatic_hmi_comfort_panels	-
siemens	simatic_hmi_comfort_outdoor_panels_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-
siemens	simatic_wincc_\(tia_portal\)	*
siemens	simatic_wincc_runtime	*
siemens	simatic_wincc_runtime	*
siemens	simatic_hmi_tp_firmware	*
siemens	simatic_hmi_tp	-
siemens	simatic_hmi_mp_firmware	*
siemens	simatic_hmi_mp	-
siemens	simatic_hmi_op_firmware	*
siemens	simatic_hmi_op	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "865FD012-F390-4BB8-B14F-533840B95512",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BCFE761-35C9-43EF-85BC-E8083B9F75CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299F88D-8885-4871-93E1-CBEFD3156B15",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4830E0D-0128-4E5B-AB81-2B238471AE4B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:*:*:*:*",
              "matchCriteriaId": "82389DAA-8D03-4806-AF86-87A1627A972F",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:advanced:*:*:*",
              "matchCriteriaId": "C24C17B5-C379-4FD1-BA9F-38B2A329F254",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:professional:*:*:*",
              "matchCriteriaId": "24939BB3-7D99-4812-9EF8-65FE1FC9CCD8",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_tp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "983886F3-5B11-4AC3-A4D9-C2816F9A37DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_tp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE8F082D-04C4-4A3E-B3D1-6C2914C2917E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_mp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2271FBE-FF50-4614-A4A5-BBAB800F5FBD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_mp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C30B3C-90EF-4244-9235-D87A421850DC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_op_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "217870AC-9EB0-4BDE-A2E2-381055B8E69C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_op:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A17F4CDF-5367-4343-AA1E-0C452495E598",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify particular parts of the device configuration via SNMP. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires system privileges and user interaction. An attacker could use the vulnerability to compromise confidentiality and the integrity of the affected system. At the stage of publishing this security advisory no public exploitation is known."
    },
    {
      "lang": "es",
      "value": "Ha sido identificada una vulnerabilidad en SIMATIC HMI Comfort Panels 4\" - 22\" (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 y KTP900F (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC WinCC Runtime Advanced (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC WinCC Runtime Professional (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC WinCC (TIA Portal) (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (Todas las versiones). El servidor web integrado podr\u00eda permitir ataques de Cross-Site Scripting (XSS) si un atacante puede modificar partes particulares de la configuraci\u00f3n del dispositivo por medio de SNMP. La vulnerabilidad de la seguridad podr\u00eda ser explotada por un atacante con acceso de red al sistema afectado. La explotaci\u00f3n con \u00e9xito requiere privilegios del sistema e interacci\u00f3n del usuario. Un atacante podr\u00eda utilizar la vulnerabilidad para comprometer la confidencialidad y la integridad del sistema afectado. En la etapa de publicaci\u00f3n de este aviso de seguridad no se conoce ninguna explotaci\u00f3n p\u00fablica."
    }
  ],
  "id": "CVE-2019-6577",
  "lastModified": "2024-11-21T04:46:44.267",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-14T20:29:04.623",
  "references": [
    {
      "source": "productcert@siemens.com",
      "url": "http://www.securityfocus.com/bid/108412"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/108412"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-80"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-05-12 14:15

Modified

2024-11-21 05:57

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution.

References

URL	Tags
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf	Patch, Vendor Advisory
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	Patch, Vendor Advisory
productcert@siemens.com	https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11	Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
siemens	simatic_wincc_runtime_advanced	*
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_wincc_runtime_advanced	16
siemens	sinamics_sh150_firmware	*
siemens	sinamics_sh150	-
siemens	sinamics_sm150i_firmware	*
siemens	sinamics_sm150i	-
siemens	sinamics_gh150_firmware	*
siemens	sinamics_gh150	-
siemens	sinamics_gl150_firmware	*
siemens	sinamics_gl150	-
siemens	sinamics_gm150_firmware	*
siemens	sinamics_gm150	-
siemens	sinamics_sl150_firmware	*
siemens	sinamics_sl150	-
siemens	sinamics_sm120_firmware	*
siemens	sinamics_sm120	-
siemens	sinamics_sm150_firmware	*
siemens	sinamics_sm150	-
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"	-
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"	-
siemens	simatic_hmi_comfort_panels_4\"_firmware	*
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"	-
siemens	simatic_hmi_comfort_panels_22\"_firmware	*
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"	-
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"	-
siemens	simatic_hmi_comfort_panels_4\"_firmware	*
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"	-
siemens	simatic_hmi_comfort_panels_22\"_firmware	*
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-
siemens	simatic_wincc_runtime_advanced	*
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0891D85-C5F4-4CD2-8EFA-84356CE36654",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "E0005A53-33AD-47AF-B172-CAF423DE213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "9696B0D9-5A66-4747-9437-791EAC150DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "F6AC2BA5-1668-4B71-8812-925AC6554F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "047D0868-3DA6-41CF-A6F9-D15668D536FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F1FAFD2-1E4D-44F3-87A1-8A1380B980BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC7AA8D-9046-4111-A263-38343997F984",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150i_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6067521-A21D-4B2A-AFB2-2E033F66B63E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A44DEAD8-8DB8-41CC-9495-B842BE76EA8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BF9157D-0089-4569-9AA1-4DEE94140D25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF977545-395A-4C34-BB22-A1047B5B6E85",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D780400-0AA8-449C-B754-7167CA878D3D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DED7F33B-D475-4232-8683-48554A6729F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61CD50EE-6C46-445E-8D46-82768CAAC305",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD76CFB0-B5D7-40DC-8D14-FC9C9BACF3CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E032554B-7F51-4482-AF55-743FFB5AC352",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6619B0F-7CDC-40A6-89B2-C6067AF45214",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm120_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFE3048-EEB0-48A0-BED0-8647284B022B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444DD77F-DB65-4766-A89D-7A679B4CA1E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B7E1DE-61B5-4CFC-8640-EB8029CD79D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE231E2-2B2B-407A-BF7A-9EA35F394229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "244D9B27-649C-4983-B374-6A8774771AC5",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "A2530BB3-484C-4D24-82F6-15967C8B7B32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A1FACE-E693-4FDA-944D-0B7F500007B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7FB4AA4-1F48-4A25-AA21-5F867A38D23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "6A673BD0-96B5-48CA-B060-A5D01687A764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "428B633D-55FF-4DB8-B6DD-5E4EEE52A44C",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A64DD-22A2-4260-929F-7595CD037823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "9756D206-E295-4B0C-B159-F9A953342E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "82D6FBBF-FD9B-4AFA-B3E1-8E3341948A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D43D2191-DBBD-4F7A-B02A-3DCEE46BF904",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "23C6AD3C-C15B-4B67-88D1-236C10BB12CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE4201E-E660-4B3E-91EC-B6A7DC35C189",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2D6D924-858A-4542-BCD0-A5631F941039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "309E4D56-6D39-4E8F-8312-FF178B721392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EDB63639-3101-4F60-8193-EF219D99C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4C6C83EE-3DC7-4CB3-8148-CB24A825274E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6C72B0-17D7-491E-816A-AF855166A90B",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "322584EF-72C0-4032-A02B-FDFFDCCE3FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5F1BA-2BEA-40A9-8D5B-A612D467C40C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D14DE5C7-318A-4D08-BB39-1E43F624816A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "FCDAF23F-9272-4DC5-8D46-37FAC08950CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FB0305-DF87-42FF-BACA-E8255EA74AA9",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BAA5B299-A45A-4918-AB8F-03A476CEDA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0C29FD64-C041-4269-BC52-8F91321BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7182C6C0-7DAD-4446-B14E-8EF46FB0CFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F972-26AF-4A6E-AAD9-B30EBDF52465",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B8F3D-5E02-4F0F-9927-9D7C336EBE56",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "845C78A9-AE0F-42B9-9E25-47F541DF5196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B23096F5-3546-41D8-BE30-8698BC0C9B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7C5AF13-69FF-444F-B84A-130D7413B307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "66A17FC6-B6AE-4915-8069-68B41F3C87E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C618736-1382-4515-A295-6EC67A2731EA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AD5A8-768E-4747-AD89-B924D369565E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FD1E4-4A01-4BFB-9D2A-5A030C37BD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5C3DC-E67F-4773-B32C-6B362C94BCBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "C96C7676-9A0D-46B5-9C49-5F5CE873E2C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF42C3EA-84A5-4419-ACBA-6A2F8DB994E2",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "105CCE4B-D8F9-43EA-9089-CEE16A410751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "7C163E7E-C9E3-4FBD-885A-C2E7FB8B845F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3DD84-BDAC-4583-BD61-799A5F01A5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F6758-0B36-4546-A7A7-A4C71B63772E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A613F7-4EA4-40FF-931F-EF3C477300DA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "4B048552-A26D-419E-9EEA-9AFD9457B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0E4E1016-F217-4B75-83D7-F73B1C5A54F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EF2F6982-2C38-4F9B-87A4-AE4404197B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "7745AA84-BC12-4DBD-90A6-DA294EADB7BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CFFD89-1FF2-4F25-A5AB-D6FF8F721132",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA4B198A-8288-459D-9586-CD402DE23023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FDB83-702A-41D5-B2A5-BDA58B7E13D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D972823A-1128-4222-8910-9CA3D38B472F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A05007D7-3C49-4192-ABDF-FE94BA7FD1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "869AD837-79B1-4F76-947B-7DCAD172BDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "5C152EB8-A13A-4F16-994A-B6D93A017CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F38FBA-7D23-4CB2-9A2D-45616E2A2DFB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "553C9A57-A9D2-47F9-ABA8-042B05DE46C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "8F5F3B33-2A82-4CDF-A678-76DE13F256D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "9FE49F2D-B904-4E48-AAFD-669141B570F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "729F784C-9AC0-4231-A75A-1FA8373FA31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "FA61AC05-061D-4EE7-BFEF-568F30B9B883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "374BAF2F-0A32-4F1A-B838-894F9E9D3E0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C636FCD-78AE-4FA2-95E5-2BBD5A88DA68",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "FDE42199-9152-41A3-BE56-E6789315CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "040F990F-F3C2-46EF-9E40-FD136A19575F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "748BFFBC-56BD-42EC-9B5F-0752D2A70D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B37490B0-A214-4A62-9B67-934048921C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "3D7B9F45-5749-4F36-961D-6C5D650ADA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F544593D-368B-4EC1-8448-8C2BA1301216",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D26D9F-7081-42B2-8AE4-D04E8429B88D",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F902732-9944-4821-BCFB-9937D1301FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B0C061AC-3E64-4667-A0E7-DD58B2E5A014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "3EECF743-25E8-4483-AA68-B304B38A9290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2F557157-AAD6-4601-84C2-2F8574F23683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A6BF6644-AF29-4541-9D6A-D07D0CC026F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "C4FD5396-8094-4DD0-BE7B-0FB6CC6D45F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5B130C2-28B8-464C-981C-B5662B4B4309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "79407355-4181-4082-A661-C27734D95363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "8989C7D4-5246-443E-B6E4-8E91462B2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "2BFBC5B2-B00B-4FCD-86B1-A187122035AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B47671A7-A8DB-4DA2-9076-78708C7F1C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F36ABC58-C9FE-4F4A-AB81-26D48A79FFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "A87DD9FF-9CA3-4AE2-8C86-C30A779E0CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "891AF48F-1F4D-4AB8-AE66-FBABDD2CAA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5052CB07-626A-46C4-8966-B8C9325A3BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "6CD47CC7-1414-42C9-94C6-9DBC2C1D9CBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "81CE70BF-EBBE-4CD7-999C-25662670EFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "034B7CFC-1234-4914-8C84-7E5BD5FB6E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "221EB3AE-1420-46F8-9EAD-1914503B0435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5F9A416C-277F-44B0-A74C-263CB0C37D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "FA858127-69A0-4280-80A8-65E0778A90AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A35D0B0C-695D-4274-8B9E-69ED20B62585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "FE9C9981-BA54-48BB-A89D-3CA06C7E17C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "EA400339-123F-494A-8CD8-7232281E7D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "C8E943A5-E35C-4CFA-8998-A74385C8740B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F4D7038E-C705-4FB9-A2D3-82FFC8EE80CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AA0728BD-F463-456C-A6EB-9FF2FD42AA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0B884-C99A-4854-992F-8588840CC296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04BA4916-5693-4915-B4D7-29D97FA02474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "DC588CE7-1F9D-43EF-A478-C23C8D909685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "2DE08529-E210-48C1-A7C3-D2D316902A40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "8104E528-ED7D-451E-8834-057295A7FF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0AF02DF4-7190-4F6C-8F15-37581FFC9B86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (Todas las versiones anteriores a V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (Todas las versiones anteriores a V16 Update 4), SINAMICS GH150 (Todas las versiones anteriores), SINAMICS GL150 (with option X30) (Todas las versiones anteriores), SINAMICS GM150 (with option X30) (Todas las versiones anteriores), SINAMICS SH150 (Todas las versiones anteriores), SINAMICS SL150 (Todas las versiones anteriores), SINAMICS SM120 (Todas las versiones anteriores), SINAMICS SM150 (Todas las versiones anteriores), SINAMICS SM150i (Todas las versiones anteriores). SmartVNC tiene una vulnerabilidad de acceso a memoria fuera de l\u00edmites en el manejador de dise\u00f1o del dispositivo, representado por un flujo de datos binarios en el lado del cliente, que potencialmente puede resultar en la ejecuci\u00f3n de c\u00f3digo"
    }
  ],
  "id": "CVE-2021-27384",
  "lastModified": "2024-11-21T05:57:53.230",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-12T14:15:11.677",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-788"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-05-12 14:15

Modified

2024-11-21 05:55

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition.

References

URL	Tags
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	Vendor Advisory
productcert@siemens.com	https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12	Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
siemens	simatic_wincc_runtime_advanced	*
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"	-
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"	-
siemens	simatic_hmi_comfort_panels_4\"_firmware	*
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"	-
siemens	simatic_hmi_comfort_panels_22\"_firmware	*
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"	-
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"	-
siemens	simatic_hmi_comfort_panels_4\"_firmware	*
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"	-
siemens	simatic_hmi_comfort_panels_22\"_firmware	*
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-
siemens	simatic_wincc_runtime_advanced	*
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0891D85-C5F4-4CD2-8EFA-84356CE36654",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "E0005A53-33AD-47AF-B172-CAF423DE213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "9696B0D9-5A66-4747-9437-791EAC150DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "F6AC2BA5-1668-4B71-8812-925AC6554F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "047D0868-3DA6-41CF-A6F9-D15668D536FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "244D9B27-649C-4983-B374-6A8774771AC5",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "A2530BB3-484C-4D24-82F6-15967C8B7B32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A1FACE-E693-4FDA-944D-0B7F500007B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7FB4AA4-1F48-4A25-AA21-5F867A38D23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "6A673BD0-96B5-48CA-B060-A5D01687A764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "428B633D-55FF-4DB8-B6DD-5E4EEE52A44C",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A64DD-22A2-4260-929F-7595CD037823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "9756D206-E295-4B0C-B159-F9A953342E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "82D6FBBF-FD9B-4AFA-B3E1-8E3341948A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D43D2191-DBBD-4F7A-B02A-3DCEE46BF904",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "23C6AD3C-C15B-4B67-88D1-236C10BB12CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE4201E-E660-4B3E-91EC-B6A7DC35C189",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2D6D924-858A-4542-BCD0-A5631F941039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "309E4D56-6D39-4E8F-8312-FF178B721392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EDB63639-3101-4F60-8193-EF219D99C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4C6C83EE-3DC7-4CB3-8148-CB24A825274E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6C72B0-17D7-491E-816A-AF855166A90B",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "322584EF-72C0-4032-A02B-FDFFDCCE3FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5F1BA-2BEA-40A9-8D5B-A612D467C40C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D14DE5C7-318A-4D08-BB39-1E43F624816A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "FCDAF23F-9272-4DC5-8D46-37FAC08950CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FB0305-DF87-42FF-BACA-E8255EA74AA9",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BAA5B299-A45A-4918-AB8F-03A476CEDA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0C29FD64-C041-4269-BC52-8F91321BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7182C6C0-7DAD-4446-B14E-8EF46FB0CFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F972-26AF-4A6E-AAD9-B30EBDF52465",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B8F3D-5E02-4F0F-9927-9D7C336EBE56",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "845C78A9-AE0F-42B9-9E25-47F541DF5196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B23096F5-3546-41D8-BE30-8698BC0C9B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7C5AF13-69FF-444F-B84A-130D7413B307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "66A17FC6-B6AE-4915-8069-68B41F3C87E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C618736-1382-4515-A295-6EC67A2731EA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AD5A8-768E-4747-AD89-B924D369565E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FD1E4-4A01-4BFB-9D2A-5A030C37BD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5C3DC-E67F-4773-B32C-6B362C94BCBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "C96C7676-9A0D-46B5-9C49-5F5CE873E2C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF42C3EA-84A5-4419-ACBA-6A2F8DB994E2",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "105CCE4B-D8F9-43EA-9089-CEE16A410751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "7C163E7E-C9E3-4FBD-885A-C2E7FB8B845F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3DD84-BDAC-4583-BD61-799A5F01A5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F6758-0B36-4546-A7A7-A4C71B63772E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A613F7-4EA4-40FF-931F-EF3C477300DA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "4B048552-A26D-419E-9EEA-9AFD9457B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0E4E1016-F217-4B75-83D7-F73B1C5A54F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EF2F6982-2C38-4F9B-87A4-AE4404197B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "7745AA84-BC12-4DBD-90A6-DA294EADB7BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CFFD89-1FF2-4F25-A5AB-D6FF8F721132",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA4B198A-8288-459D-9586-CD402DE23023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FDB83-702A-41D5-B2A5-BDA58B7E13D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D972823A-1128-4222-8910-9CA3D38B472F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A05007D7-3C49-4192-ABDF-FE94BA7FD1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "869AD837-79B1-4F76-947B-7DCAD172BDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "5C152EB8-A13A-4F16-994A-B6D93A017CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F38FBA-7D23-4CB2-9A2D-45616E2A2DFB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "553C9A57-A9D2-47F9-ABA8-042B05DE46C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "8F5F3B33-2A82-4CDF-A678-76DE13F256D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "9FE49F2D-B904-4E48-AAFD-669141B570F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "729F784C-9AC0-4231-A75A-1FA8373FA31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "FA61AC05-061D-4EE7-BFEF-568F30B9B883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "374BAF2F-0A32-4F1A-B838-894F9E9D3E0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C636FCD-78AE-4FA2-95E5-2BBD5A88DA68",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "FDE42199-9152-41A3-BE56-E6789315CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "040F990F-F3C2-46EF-9E40-FD136A19575F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "748BFFBC-56BD-42EC-9B5F-0752D2A70D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B37490B0-A214-4A62-9B67-934048921C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "3D7B9F45-5749-4F36-961D-6C5D650ADA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F544593D-368B-4EC1-8448-8C2BA1301216",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D26D9F-7081-42B2-8AE4-D04E8429B88D",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F902732-9944-4821-BCFB-9937D1301FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B0C061AC-3E64-4667-A0E7-DD58B2E5A014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "3EECF743-25E8-4483-AA68-B304B38A9290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2F557157-AAD6-4601-84C2-2F8574F23683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A6BF6644-AF29-4541-9D6A-D07D0CC026F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "C4FD5396-8094-4DD0-BE7B-0FB6CC6D45F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5B130C2-28B8-464C-981C-B5662B4B4309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "79407355-4181-4082-A661-C27734D95363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "8989C7D4-5246-443E-B6E4-8E91462B2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "2BFBC5B2-B00B-4FCD-86B1-A187122035AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B47671A7-A8DB-4DA2-9076-78708C7F1C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F36ABC58-C9FE-4F4A-AB81-26D48A79FFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "A87DD9FF-9CA3-4AE2-8C86-C30A779E0CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "891AF48F-1F4D-4AB8-AE66-FBABDD2CAA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5052CB07-626A-46C4-8966-B8C9325A3BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "6CD47CC7-1414-42C9-94C6-9DBC2C1D9CBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "81CE70BF-EBBE-4CD7-999C-25662670EFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "034B7CFC-1234-4914-8C84-7E5BD5FB6E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "221EB3AE-1420-46F8-9EAD-1914503B0435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5F9A416C-277F-44B0-A74C-263CB0C37D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "FA858127-69A0-4280-80A8-65E0778A90AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A35D0B0C-695D-4274-8B9E-69ED20B62585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "FE9C9981-BA54-48BB-A89D-3CA06C7E17C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "EA400339-123F-494A-8CD8-7232281E7D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "C8E943A5-E35C-4CFA-8998-A74385C8740B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F4D7038E-C705-4FB9-A2D3-82FFC8EE80CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AA0728BD-F463-456C-A6EB-9FF2FD42AA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0B884-C99A-4854-992F-8588840CC296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04BA4916-5693-4915-B4D7-29D97FA02474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "DC588CE7-1F9D-43EF-A478-C23C8D909685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "2DE08529-E210-48C1-A7C3-D2D316902A40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "8104E528-ED7D-451E-8834-057295A7FF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0AF02DF4-7190-4F6C-8F15-37581FFC9B86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (Todas las versiones anteriores a V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (Todas las versiones anteriores a V16 Update 4). El cliente SmartVNC presenta un fallo al manejar una excepci\u00f3n apropiadamente si el proceso de ejecuci\u00f3n del programa es modificado despu\u00e9s de enviar un paquete desde el servidor, lo que podr\u00eda resultar en una condici\u00f3n de Denegaci\u00f3n de Servicio"
    }
  ],
  "id": "CVE-2021-25662",
  "lastModified": "2024-11-21T05:55:14.660",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-12T14:15:11.343",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-755"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-05-12 14:15

Modified

2024-11-21 05:55

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition.

References

▼	URL	Tags
	productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"	-
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"	-
siemens	simatic_hmi_comfort_panels_4\"_firmware	*
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"	-
siemens	simatic_hmi_comfort_panels_22\"_firmware	*
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-
siemens	simatic_wincc_runtime_advanced	*
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"	-
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"	-
siemens	simatic_hmi_comfort_panels_4\"_firmware	*
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"	-
siemens	simatic_hmi_comfort_panels_22\"_firmware	*
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-
siemens	simatic_wincc_runtime_advanced	*
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "244D9B27-649C-4983-B374-6A8774771AC5",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "A2530BB3-484C-4D24-82F6-15967C8B7B32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A1FACE-E693-4FDA-944D-0B7F500007B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7FB4AA4-1F48-4A25-AA21-5F867A38D23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "6A673BD0-96B5-48CA-B060-A5D01687A764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "428B633D-55FF-4DB8-B6DD-5E4EEE52A44C",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A64DD-22A2-4260-929F-7595CD037823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "9756D206-E295-4B0C-B159-F9A953342E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "82D6FBBF-FD9B-4AFA-B3E1-8E3341948A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D43D2191-DBBD-4F7A-B02A-3DCEE46BF904",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "23C6AD3C-C15B-4B67-88D1-236C10BB12CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE4201E-E660-4B3E-91EC-B6A7DC35C189",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2D6D924-858A-4542-BCD0-A5631F941039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "309E4D56-6D39-4E8F-8312-FF178B721392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EDB63639-3101-4F60-8193-EF219D99C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4C6C83EE-3DC7-4CB3-8148-CB24A825274E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6C72B0-17D7-491E-816A-AF855166A90B",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "322584EF-72C0-4032-A02B-FDFFDCCE3FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5F1BA-2BEA-40A9-8D5B-A612D467C40C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D14DE5C7-318A-4D08-BB39-1E43F624816A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "FCDAF23F-9272-4DC5-8D46-37FAC08950CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FB0305-DF87-42FF-BACA-E8255EA74AA9",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BAA5B299-A45A-4918-AB8F-03A476CEDA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0C29FD64-C041-4269-BC52-8F91321BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7182C6C0-7DAD-4446-B14E-8EF46FB0CFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F972-26AF-4A6E-AAD9-B30EBDF52465",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B8F3D-5E02-4F0F-9927-9D7C336EBE56",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "845C78A9-AE0F-42B9-9E25-47F541DF5196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B23096F5-3546-41D8-BE30-8698BC0C9B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7C5AF13-69FF-444F-B84A-130D7413B307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "66A17FC6-B6AE-4915-8069-68B41F3C87E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C618736-1382-4515-A295-6EC67A2731EA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AD5A8-768E-4747-AD89-B924D369565E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FD1E4-4A01-4BFB-9D2A-5A030C37BD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5C3DC-E67F-4773-B32C-6B362C94BCBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "C96C7676-9A0D-46B5-9C49-5F5CE873E2C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF42C3EA-84A5-4419-ACBA-6A2F8DB994E2",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "105CCE4B-D8F9-43EA-9089-CEE16A410751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "7C163E7E-C9E3-4FBD-885A-C2E7FB8B845F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3DD84-BDAC-4583-BD61-799A5F01A5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F6758-0B36-4546-A7A7-A4C71B63772E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A613F7-4EA4-40FF-931F-EF3C477300DA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "4B048552-A26D-419E-9EEA-9AFD9457B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0E4E1016-F217-4B75-83D7-F73B1C5A54F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EF2F6982-2C38-4F9B-87A4-AE4404197B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "7745AA84-BC12-4DBD-90A6-DA294EADB7BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0891D85-C5F4-4CD2-8EFA-84356CE36654",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "E0005A53-33AD-47AF-B172-CAF423DE213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "9696B0D9-5A66-4747-9437-791EAC150DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "F6AC2BA5-1668-4B71-8812-925AC6554F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "047D0868-3DA6-41CF-A6F9-D15668D536FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CFFD89-1FF2-4F25-A5AB-D6FF8F721132",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA4B198A-8288-459D-9586-CD402DE23023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FDB83-702A-41D5-B2A5-BDA58B7E13D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D972823A-1128-4222-8910-9CA3D38B472F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A05007D7-3C49-4192-ABDF-FE94BA7FD1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "869AD837-79B1-4F76-947B-7DCAD172BDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "5C152EB8-A13A-4F16-994A-B6D93A017CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F38FBA-7D23-4CB2-9A2D-45616E2A2DFB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "553C9A57-A9D2-47F9-ABA8-042B05DE46C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "8F5F3B33-2A82-4CDF-A678-76DE13F256D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "9FE49F2D-B904-4E48-AAFD-669141B570F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "729F784C-9AC0-4231-A75A-1FA8373FA31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "FA61AC05-061D-4EE7-BFEF-568F30B9B883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "374BAF2F-0A32-4F1A-B838-894F9E9D3E0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C636FCD-78AE-4FA2-95E5-2BBD5A88DA68",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "FDE42199-9152-41A3-BE56-E6789315CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "040F990F-F3C2-46EF-9E40-FD136A19575F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "748BFFBC-56BD-42EC-9B5F-0752D2A70D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B37490B0-A214-4A62-9B67-934048921C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "3D7B9F45-5749-4F36-961D-6C5D650ADA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F544593D-368B-4EC1-8448-8C2BA1301216",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D26D9F-7081-42B2-8AE4-D04E8429B88D",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F902732-9944-4821-BCFB-9937D1301FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B0C061AC-3E64-4667-A0E7-DD58B2E5A014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "3EECF743-25E8-4483-AA68-B304B38A9290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2F557157-AAD6-4601-84C2-2F8574F23683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A6BF6644-AF29-4541-9D6A-D07D0CC026F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "C4FD5396-8094-4DD0-BE7B-0FB6CC6D45F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5B130C2-28B8-464C-981C-B5662B4B4309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "79407355-4181-4082-A661-C27734D95363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "8989C7D4-5246-443E-B6E4-8E91462B2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "2BFBC5B2-B00B-4FCD-86B1-A187122035AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B47671A7-A8DB-4DA2-9076-78708C7F1C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F36ABC58-C9FE-4F4A-AB81-26D48A79FFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "A87DD9FF-9CA3-4AE2-8C86-C30A779E0CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "891AF48F-1F4D-4AB8-AE66-FBABDD2CAA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5052CB07-626A-46C4-8966-B8C9325A3BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "6CD47CC7-1414-42C9-94C6-9DBC2C1D9CBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "81CE70BF-EBBE-4CD7-999C-25662670EFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "034B7CFC-1234-4914-8C84-7E5BD5FB6E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "221EB3AE-1420-46F8-9EAD-1914503B0435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5F9A416C-277F-44B0-A74C-263CB0C37D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "FA858127-69A0-4280-80A8-65E0778A90AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A35D0B0C-695D-4274-8B9E-69ED20B62585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "FE9C9981-BA54-48BB-A89D-3CA06C7E17C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "EA400339-123F-494A-8CD8-7232281E7D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "C8E943A5-E35C-4CFA-8998-A74385C8740B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F4D7038E-C705-4FB9-A2D3-82FFC8EE80CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AA0728BD-F463-456C-A6EB-9FF2FD42AA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0B884-C99A-4854-992F-8588840CC296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04BA4916-5693-4915-B4D7-29D97FA02474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "DC588CE7-1F9D-43EF-A478-C23C8D909685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "2DE08529-E210-48C1-A7C3-D2D316902A40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "8104E528-ED7D-451E-8834-057295A7FF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0AF02DF4-7190-4F6C-8F15-37581FFC9B86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Outdoor Panels V15 7\\\" y 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (Todas las versiones anteriores a V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (Todas las versiones anteriores a V16 Update 4). SmartVNC presenta una vulnerabilidad de acceso a la memoria fuera de l\u00edmites que podr\u00eda ser desencadenada en el lado del servidor al enviar datos desde el cliente, lo que podr\u00eda resultar en una condici\u00f3n de Denegaci\u00f3n de Servicio"
    }
  ],
  "id": "CVE-2021-25660",
  "lastModified": "2024-11-21T05:55:14.307",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-12T14:15:11.253",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-788"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-05-14 20:29

Modified

2024-11-21 04:46

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The affected device offered SNMP read and write capacities with a publicly know hardcoded community string. The security vulnerability could be exploited by an attacker with network access to the affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.

References

URL	Tags
productcert@siemens.com	http://www.securityfocus.com/bid/108412	Third Party Advisory, VDB Entry
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf	Vendor Advisory
productcert@siemens.com	https://www.us-cert.gov/ics/advisories/ICSA-19-134-09	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108412	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.us-cert.gov/ics/advisories/ICSA-19-134-09	Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
siemens	simatic_hmi_comfort_panels_firmware	*
siemens	simatic_hmi_comfort_panels	-
siemens	simatic_hmi_comfort_outdoor_panels_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-
siemens	simatic_wincc_\(tia_portal\)	*
siemens	simatic_wincc_runtime	*
siemens	simatic_wincc_runtime	*
siemens	simatic_hmi_tp_firmware	*
siemens	simatic_hmi_tp	-
siemens	simatic_hmi_mp_firmware	*
siemens	simatic_hmi_mp	-
siemens	simatic_hmi_op_firmware	*
siemens	simatic_hmi_op	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "865FD012-F390-4BB8-B14F-533840B95512",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BCFE761-35C9-43EF-85BC-E8083B9F75CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299F88D-8885-4871-93E1-CBEFD3156B15",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4830E0D-0128-4E5B-AB81-2B238471AE4B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:*:*:*:*",
              "matchCriteriaId": "82389DAA-8D03-4806-AF86-87A1627A972F",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:advanced:*:*:*",
              "matchCriteriaId": "C24C17B5-C379-4FD1-BA9F-38B2A329F254",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:professional:*:*:*",
              "matchCriteriaId": "24939BB3-7D99-4812-9EF8-65FE1FC9CCD8",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_tp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "983886F3-5B11-4AC3-A4D9-C2816F9A37DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_tp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE8F082D-04C4-4A3E-B3D1-6C2914C2917E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_mp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2271FBE-FF50-4614-A4A5-BBAB800F5FBD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_mp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C30B3C-90EF-4244-9235-D87A421850DC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_op_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "217870AC-9EB0-4BDE-A2E2-381055B8E69C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_op:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A17F4CDF-5367-4343-AA1E-0C452495E598",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The affected device offered SNMP read and write capacities with a publicly know hardcoded community string. The security vulnerability could be exploited by an attacker with network access to the affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known."
    },
    {
      "lang": "es",
      "value": "Ha sido identificada una vulnerabilidad en SIMATIC HMI Comfort Panels 4\" - 22\" (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 y KTP900F (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC WinCC Runtime Advanced (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC WinCC Runtime Professional (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC WinCC (TIA Portal) (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (Todas las versiones). El dispositivo afectado ofrec\u00eda capacidades de lectura y escritura de SNMP con una cadena de comunidad codificada p\u00fablicamente. La vulnerabilidad de la seguridad podr\u00eda ser explotada por un atacante con acceso de red al dispositivo afectado. La explotaci\u00f3n con \u00e9xito no requiere privilegios del sistema ni interacci\u00f3n del usuario. Un atacante podr\u00eda utilizar la vulnerabilidad para comprometer la confidencialidad y la integridad del sistema afectado. En el momento de la publicaci\u00f3n de asesoramiento, no se conoc\u00eda la explotaci\u00f3n p\u00fablica de esta vulnerabilidad de seguridad."
    }
  ],
  "id": "CVE-2019-6572",
  "lastModified": "2024-11-21T04:46:43.653",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 6.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-14T20:29:04.200",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108412"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108412"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-798"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-12-13 16:29

Modified

2024-11-21 03:48

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V15 Update 4), SIMATIC WinCC Runtime Professional (All versions < V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions < V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). A directory traversal vulnerability could allow to download arbitrary files from the device. The security vulnerability could be exploited by an attacker with network access to the integrated web server. No user interaction and no authentication is required to exploit the vulnerability. The vulnerability impacts the confidentiality of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.

References

URL	Tags
productcert@siemens.com	http://www.securityfocus.com/bid/105922	Third Party Advisory, VDB Entry
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/105922	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf	Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	simatic_hmi_comfort_panels_firmware	*
siemens	simatic_hmi_comfort_panels	-
siemens	simatic_hmi_comfort_outdoor_panels_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-
siemens	simatic_wincc_\(tia_portal\)	*
siemens	simatic_wincc_runtime	*
siemens	simatic_wincc_runtime	*
siemens	simatic_hmi_tp_firmware	*
siemens	simatic_hmi_tp	-
siemens	simatic_hmi_mp_firmware	*
siemens	simatic_hmi_mp	-
siemens	simatic_hmi_op_firmware	*
siemens	simatic_hmi_op	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AD9AEE0-437E-45C7-BA3C-696628FA6883",
              "versionEndIncluding": "15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BCFE761-35C9-43EF-85BC-E8083B9F75CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6D3259C-2DAF-4136-BAC3-28B234329E27",
              "versionEndIncluding": "15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4830E0D-0128-4E5B-AB81-2B238471AE4B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D090C01-A7A7-43C2-842F-50951D75B57A",
              "versionEndIncluding": "15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE04B9B4-EFFF-447D-9D98-80EE43E926E9",
              "versionEndIncluding": "15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B1F081F-E97A-445B-B6D5-E0AEFA3360C1",
              "versionEndIncluding": "15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7027573E-5E1E-4750-98AD-AC82DC5C1708",
              "versionEndIncluding": "15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B26872E-A514-4CD7-98C9-2F8B6FD3DEEB",
              "versionEndIncluding": "15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:*:*:*:*",
              "matchCriteriaId": "775A5747-AB92-4E27-9A74-7DF5368A5BA9",
              "versionEndIncluding": "15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:advanced:*:*:*",
              "matchCriteriaId": "5D1FBC31-3165-4057-A615-536D73A75311",
              "versionEndIncluding": "15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:professional:*:*:*",
              "matchCriteriaId": "92C7789F-1646-485A-9889-5AD81B5F1105",
              "versionEndIncluding": "15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_tp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "983886F3-5B11-4AC3-A4D9-C2816F9A37DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_tp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE8F082D-04C4-4A3E-B3D1-6C2914C2917E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_mp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2271FBE-FF50-4614-A4A5-BBAB800F5FBD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_mp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C30B3C-90EF-4244-9235-D87A421850DC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_op_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "217870AC-9EB0-4BDE-A2E2-381055B8E69C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_op:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A17F4CDF-5367-4343-AA1E-0C452495E598",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions \u003c V15 Update 4), SIMATIC WinCC Runtime Professional (All versions \u003c V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions \u003c V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). A directory traversal vulnerability could allow to download arbitrary files from the device. The security vulnerability could be exploited by an attacker with network access to the integrated web server. No user interaction and no authentication is required to exploit the vulnerability. The vulnerability impacts the confidentiality of the device. At the time of advisory publication no public exploitation of this security vulnerability was known."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Panels 4\" - 22\" (todas las versiones anteriores a V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7\" 15\" (todas las versiones anteriores a V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 y KTP900F (todas las versiones anteriores a V15 Update 4), SIMATIC WinCC Runtime Advanced (todas las versiones anteriores a V15 Update 4), SIMATIC WinCC Runtime Professional (todas las versiones anteriores a V15 Update 4), SIMATIC WinCC (TIA Portal) (todas las versiones anteriores a V15 Update 4) y SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (todas las versiones). Una vulnerabilidad de salto de directorio podr\u00eda permitir la descarga de archivos arbitrarios desde el dispositivo. Esta vulnerabilidad de seguridad podr\u00eda ser explotada por atacantes con acceso de red al servidor web integrado. No se requiere interacci\u00f3n o autenticaci\u00f3n del usuario para explotar esta vulnerabilidad. La vulnerabilidad impacta la confidencialidad del dispositivo. En el momento de la publicaci\u00f3n del aviso, no se conoce ninguna explotaci\u00f3n p\u00fablica de la vulnerabilidad de seguridad."
    }
  ],
  "id": "CVE-2018-13812",
  "lastModified": "2024-11-21T03:48:07.190",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-12-13T16:29:00.290",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105922"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105922"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-05-14 20:29

Modified

2024-11-21 04:46

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). An attacker with network access to affected devices could potentially obtain a TLS session key. If the attacker is able to observe TLS traffic between a legitimate user and the device, then the attacker could decrypt the TLS traffic. The security vulnerability could be exploited by an attacker who has network access to the web interface of the device and who is able to observe TLS traffic between legitimate users and the web interface of the affected device. The vulnerability could impact the confidentiality of the communication between the affected device and a legitimate user. At the time of advisory publication no public exploitation of the security vulnerability was known.

References

URL	Tags
productcert@siemens.com	http://www.securityfocus.com/bid/108412
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf	Vendor Advisory
productcert@siemens.com	https://www.us-cert.gov/ics/advisories/ICSA-19-134-09
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108412
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.us-cert.gov/ics/advisories/ICSA-19-134-09

Impacted products

Vendor	Product	Version
siemens	simatic_hmi_comfort_panels_firmware	*
siemens	simatic_hmi_comfort_panels	-
siemens	simatic_hmi_comfort_outdoor_panels_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-
siemens	simatic_wincc_\(tia_portal\)	*
siemens	simatic_wincc_runtime	*
siemens	simatic_wincc_runtime	*
siemens	simatic_hmi_tp_firmware	*
siemens	simatic_hmi_tp	-
siemens	simatic_hmi_mp_firmware	*
siemens	simatic_hmi_mp	-
siemens	simatic_hmi_op_firmware	*
siemens	simatic_hmi_op	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "865FD012-F390-4BB8-B14F-533840B95512",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BCFE761-35C9-43EF-85BC-E8083B9F75CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299F88D-8885-4871-93E1-CBEFD3156B15",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4830E0D-0128-4E5B-AB81-2B238471AE4B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:*:*:*:*",
              "matchCriteriaId": "82389DAA-8D03-4806-AF86-87A1627A972F",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:advanced:*:*:*",
              "matchCriteriaId": "C24C17B5-C379-4FD1-BA9F-38B2A329F254",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:professional:*:*:*",
              "matchCriteriaId": "24939BB3-7D99-4812-9EF8-65FE1FC9CCD8",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_tp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "983886F3-5B11-4AC3-A4D9-C2816F9A37DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_tp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE8F082D-04C4-4A3E-B3D1-6C2914C2917E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_mp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2271FBE-FF50-4614-A4A5-BBAB800F5FBD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_mp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C30B3C-90EF-4244-9235-D87A421850DC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_op_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "217870AC-9EB0-4BDE-A2E2-381055B8E69C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_op:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A17F4CDF-5367-4343-AA1E-0C452495E598",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). An attacker with network access to affected devices could potentially obtain a TLS session key. If the attacker is able to observe TLS traffic between a legitimate user and the device, then the attacker could decrypt the TLS traffic. The security vulnerability could be exploited by an attacker who has network access to the web interface of the device and who is able to observe TLS traffic between legitimate users and the web interface of the affected device. The vulnerability could impact the confidentiality of the communication between the affected device and a legitimate user. At the time of advisory publication no public exploitation of the security vulnerability was known."
    },
    {
      "lang": "es",
      "value": "Ha sido identificada una vulnerabilidad en SIMATIC HMI Comfort Panels 4\" - 22\" (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 y KTP900F (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC WinCC Runtime Advanced (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC WinCC Runtime Professional (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC WinCC (TIA Portal) (Todas las versiones anteriores a la V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (Todas las versiones). Un atacante con acceso de red a los dispositivos afectados podr\u00eda obtener una clave de sesi\u00f3n TLS. Si el atacante puede observar el tr\u00e1fico TLS entre un usuario leg\u00edtimo y el dispositivo, entonces el atacante podr\u00eda descifrar el tr\u00e1fico TLS. La vulnerabilidad de la seguridad podr\u00eda ser explotada por un atacante que tenga acceso de red a la interfaz web del dispositivo y que pueda observar el tr\u00e1fico TLS entre usuarios leg\u00edtimos y la interfaz web del dispositivo afectado. La vulnerabilidad podr\u00eda afectar la confidencialidad de la comunicaci\u00f3n entre el dispositivo afectado y un usuario leg\u00edtimo. En el momento de la publicaci\u00f3n de asesoramiento, no se conoc\u00eda la explotaci\u00f3n p\u00fablica de la vulnerabilidad de seguridad."
    }
  ],
  "id": "CVE-2019-6576",
  "lastModified": "2024-11-21T04:46:44.130",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-14T20:29:04.560",
  "references": [
    {
      "source": "productcert@siemens.com",
      "url": "http://www.securityfocus.com/bid/108412"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/108412"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-310"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-310"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-05-12 14:15

Modified

2024-11-21 05:57

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition.

References

URL	Tags
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf	Vendor Advisory
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	Vendor Advisory
productcert@siemens.com	https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12	Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
siemens	simatic_wincc_runtime_advanced	*
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_wincc_runtime_advanced	16
siemens	sinamics_sh150_firmware	*
siemens	sinamics_sh150	-
siemens	sinamics_sm150i_firmware	*
siemens	sinamics_sm150i	-
siemens	sinamics_gh150_firmware	*
siemens	sinamics_gh150	-
siemens	sinamics_gl150_firmware	*
siemens	sinamics_gl150	-
siemens	sinamics_gm150_firmware	*
siemens	sinamics_gm150	-
siemens	sinamics_sl150_firmware	*
siemens	sinamics_sl150	-
siemens	sinamics_sm120_firmware	*
siemens	sinamics_sm120	-
siemens	sinamics_sm150_firmware	*
siemens	sinamics_sm150	-
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"	-
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"	-
siemens	simatic_hmi_comfort_panels_4\"_firmware	*
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"	-
siemens	simatic_hmi_comfort_panels_22\"_firmware	*
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"	-
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"	-
siemens	simatic_hmi_comfort_panels_4\"_firmware	*
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"	-
siemens	simatic_hmi_comfort_panels_22\"_firmware	*
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-
siemens	simatic_wincc_runtime_advanced	*
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0891D85-C5F4-4CD2-8EFA-84356CE36654",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "E0005A53-33AD-47AF-B172-CAF423DE213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "9696B0D9-5A66-4747-9437-791EAC150DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "F6AC2BA5-1668-4B71-8812-925AC6554F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "047D0868-3DA6-41CF-A6F9-D15668D536FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F1FAFD2-1E4D-44F3-87A1-8A1380B980BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC7AA8D-9046-4111-A263-38343997F984",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150i_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6067521-A21D-4B2A-AFB2-2E033F66B63E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A44DEAD8-8DB8-41CC-9495-B842BE76EA8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BF9157D-0089-4569-9AA1-4DEE94140D25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF977545-395A-4C34-BB22-A1047B5B6E85",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D780400-0AA8-449C-B754-7167CA878D3D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DED7F33B-D475-4232-8683-48554A6729F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61CD50EE-6C46-445E-8D46-82768CAAC305",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD76CFB0-B5D7-40DC-8D14-FC9C9BACF3CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E032554B-7F51-4482-AF55-743FFB5AC352",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6619B0F-7CDC-40A6-89B2-C6067AF45214",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm120_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFE3048-EEB0-48A0-BED0-8647284B022B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444DD77F-DB65-4766-A89D-7A679B4CA1E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B7E1DE-61B5-4CFC-8640-EB8029CD79D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE231E2-2B2B-407A-BF7A-9EA35F394229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "244D9B27-649C-4983-B374-6A8774771AC5",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "A2530BB3-484C-4D24-82F6-15967C8B7B32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A1FACE-E693-4FDA-944D-0B7F500007B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7FB4AA4-1F48-4A25-AA21-5F867A38D23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "6A673BD0-96B5-48CA-B060-A5D01687A764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "428B633D-55FF-4DB8-B6DD-5E4EEE52A44C",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A64DD-22A2-4260-929F-7595CD037823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "9756D206-E295-4B0C-B159-F9A953342E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "82D6FBBF-FD9B-4AFA-B3E1-8E3341948A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D43D2191-DBBD-4F7A-B02A-3DCEE46BF904",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "23C6AD3C-C15B-4B67-88D1-236C10BB12CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE4201E-E660-4B3E-91EC-B6A7DC35C189",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2D6D924-858A-4542-BCD0-A5631F941039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "309E4D56-6D39-4E8F-8312-FF178B721392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EDB63639-3101-4F60-8193-EF219D99C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4C6C83EE-3DC7-4CB3-8148-CB24A825274E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6C72B0-17D7-491E-816A-AF855166A90B",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "322584EF-72C0-4032-A02B-FDFFDCCE3FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5F1BA-2BEA-40A9-8D5B-A612D467C40C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D14DE5C7-318A-4D08-BB39-1E43F624816A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "FCDAF23F-9272-4DC5-8D46-37FAC08950CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FB0305-DF87-42FF-BACA-E8255EA74AA9",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BAA5B299-A45A-4918-AB8F-03A476CEDA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0C29FD64-C041-4269-BC52-8F91321BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7182C6C0-7DAD-4446-B14E-8EF46FB0CFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F972-26AF-4A6E-AAD9-B30EBDF52465",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B8F3D-5E02-4F0F-9927-9D7C336EBE56",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "845C78A9-AE0F-42B9-9E25-47F541DF5196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B23096F5-3546-41D8-BE30-8698BC0C9B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7C5AF13-69FF-444F-B84A-130D7413B307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "66A17FC6-B6AE-4915-8069-68B41F3C87E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C618736-1382-4515-A295-6EC67A2731EA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AD5A8-768E-4747-AD89-B924D369565E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FD1E4-4A01-4BFB-9D2A-5A030C37BD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5C3DC-E67F-4773-B32C-6B362C94BCBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "C96C7676-9A0D-46B5-9C49-5F5CE873E2C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF42C3EA-84A5-4419-ACBA-6A2F8DB994E2",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "105CCE4B-D8F9-43EA-9089-CEE16A410751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "7C163E7E-C9E3-4FBD-885A-C2E7FB8B845F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3DD84-BDAC-4583-BD61-799A5F01A5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F6758-0B36-4546-A7A7-A4C71B63772E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A613F7-4EA4-40FF-931F-EF3C477300DA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "4B048552-A26D-419E-9EEA-9AFD9457B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0E4E1016-F217-4B75-83D7-F73B1C5A54F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EF2F6982-2C38-4F9B-87A4-AE4404197B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "7745AA84-BC12-4DBD-90A6-DA294EADB7BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CFFD89-1FF2-4F25-A5AB-D6FF8F721132",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA4B198A-8288-459D-9586-CD402DE23023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FDB83-702A-41D5-B2A5-BDA58B7E13D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D972823A-1128-4222-8910-9CA3D38B472F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A05007D7-3C49-4192-ABDF-FE94BA7FD1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "869AD837-79B1-4F76-947B-7DCAD172BDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "5C152EB8-A13A-4F16-994A-B6D93A017CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F38FBA-7D23-4CB2-9A2D-45616E2A2DFB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "553C9A57-A9D2-47F9-ABA8-042B05DE46C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "8F5F3B33-2A82-4CDF-A678-76DE13F256D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "9FE49F2D-B904-4E48-AAFD-669141B570F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "729F784C-9AC0-4231-A75A-1FA8373FA31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "FA61AC05-061D-4EE7-BFEF-568F30B9B883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "374BAF2F-0A32-4F1A-B838-894F9E9D3E0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C636FCD-78AE-4FA2-95E5-2BBD5A88DA68",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "FDE42199-9152-41A3-BE56-E6789315CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "040F990F-F3C2-46EF-9E40-FD136A19575F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "748BFFBC-56BD-42EC-9B5F-0752D2A70D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B37490B0-A214-4A62-9B67-934048921C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "3D7B9F45-5749-4F36-961D-6C5D650ADA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F544593D-368B-4EC1-8448-8C2BA1301216",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D26D9F-7081-42B2-8AE4-D04E8429B88D",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F902732-9944-4821-BCFB-9937D1301FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B0C061AC-3E64-4667-A0E7-DD58B2E5A014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "3EECF743-25E8-4483-AA68-B304B38A9290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2F557157-AAD6-4601-84C2-2F8574F23683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A6BF6644-AF29-4541-9D6A-D07D0CC026F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "C4FD5396-8094-4DD0-BE7B-0FB6CC6D45F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5B130C2-28B8-464C-981C-B5662B4B4309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "79407355-4181-4082-A661-C27734D95363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "8989C7D4-5246-443E-B6E4-8E91462B2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "2BFBC5B2-B00B-4FCD-86B1-A187122035AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B47671A7-A8DB-4DA2-9076-78708C7F1C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F36ABC58-C9FE-4F4A-AB81-26D48A79FFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "A87DD9FF-9CA3-4AE2-8C86-C30A779E0CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "891AF48F-1F4D-4AB8-AE66-FBABDD2CAA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5052CB07-626A-46C4-8966-B8C9325A3BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "6CD47CC7-1414-42C9-94C6-9DBC2C1D9CBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "81CE70BF-EBBE-4CD7-999C-25662670EFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "034B7CFC-1234-4914-8C84-7E5BD5FB6E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "221EB3AE-1420-46F8-9EAD-1914503B0435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5F9A416C-277F-44B0-A74C-263CB0C37D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "FA858127-69A0-4280-80A8-65E0778A90AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A35D0B0C-695D-4274-8B9E-69ED20B62585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "FE9C9981-BA54-48BB-A89D-3CA06C7E17C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "EA400339-123F-494A-8CD8-7232281E7D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "C8E943A5-E35C-4CFA-8998-A74385C8740B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F4D7038E-C705-4FB9-A2D3-82FFC8EE80CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AA0728BD-F463-456C-A6EB-9FF2FD42AA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0B884-C99A-4854-992F-8588840CC296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04BA4916-5693-4915-B4D7-29D97FA02474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "DC588CE7-1F9D-43EF-A478-C23C8D909685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "2DE08529-E210-48C1-A7C3-D2D316902A40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "8104E528-ED7D-451E-8834-057295A7FF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0AF02DF4-7190-4F6C-8F15-37581FFC9B86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (Todas las versiones anteriores a V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (Todas las versiones anteriores a V16 Update 4), SINAMICS GH150 (Todas las versiones), SINAMICS GL150 (con opci\u00f3n X30) (Todas las versiones), SINAMICS GM150 (con opci\u00f3n X30) (Todas las versiones), SINAMICS SH150 (Todas las versiones), SINAMICS SL150 (Todas las versiones), SINAMICS SM120 (Todas las versiones), SINAMICS SM150 (Todas las versiones), SINAMICS SM150i (Todas las versiones). Un atacante remoto podr\u00eda enviar paquetes especialmente dise\u00f1ados al manejador de dise\u00f1o de dispositivos SmartVNC en el lado del cliente, lo que podr\u00eda influir en la cantidad de recursos consumidos y dar lugar a una condici\u00f3n de denegaci\u00f3n de servicio (bucle infinito)"
    }
  ],
  "id": "CVE-2021-27385",
  "lastModified": "2024-11-21T05:57:53.380",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-12T14:15:11.727",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-835"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-12-13 16:29

Modified

2024-11-21 03:48

Severity ?

8.1 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V15 Update 4), SIMATIC WinCC Runtime Professional (All versions < V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions < V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The webserver of affected HMI devices may allow URL redirections to untrusted websites. An attacker must trick a valid user who is authenticated to the device into clicking on a malicious link to exploit the vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

References

URL	Tags
productcert@siemens.com	http://www.securityfocus.com/bid/105922	Third Party Advisory, VDB Entry
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/105922	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf	Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	simatic_hmi_comfort_panels_firmware	*
siemens	simatic_hmi_comfort_panels	-
siemens	simatic_hmi_comfort_outdoor_panels_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-
siemens	simatic_wincc_\(tia_portal\)	*
siemens	simatic_wincc_runtime	*
siemens	simatic_wincc_runtime	*
siemens	simatic_hmi_tp_firmware	*
siemens	simatic_hmi_tp	-
siemens	simatic_hmi_mp_firmware	*
siemens	simatic_hmi_mp	-
siemens	simatic_hmi_op_firmware	*
siemens	simatic_hmi_op	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AD9AEE0-437E-45C7-BA3C-696628FA6883",
              "versionEndIncluding": "15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BCFE761-35C9-43EF-85BC-E8083B9F75CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6D3259C-2DAF-4136-BAC3-28B234329E27",
              "versionEndIncluding": "15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4830E0D-0128-4E5B-AB81-2B238471AE4B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D090C01-A7A7-43C2-842F-50951D75B57A",
              "versionEndIncluding": "15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE04B9B4-EFFF-447D-9D98-80EE43E926E9",
              "versionEndIncluding": "15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B1F081F-E97A-445B-B6D5-E0AEFA3360C1",
              "versionEndIncluding": "15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7027573E-5E1E-4750-98AD-AC82DC5C1708",
              "versionEndIncluding": "15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B26872E-A514-4CD7-98C9-2F8B6FD3DEEB",
              "versionEndIncluding": "15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:*:*:*:*",
              "matchCriteriaId": "775A5747-AB92-4E27-9A74-7DF5368A5BA9",
              "versionEndIncluding": "15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:advanced:*:*:*",
              "matchCriteriaId": "5D1FBC31-3165-4057-A615-536D73A75311",
              "versionEndIncluding": "15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:professional:*:*:*",
              "matchCriteriaId": "92C7789F-1646-485A-9889-5AD81B5F1105",
              "versionEndIncluding": "15.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_tp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "983886F3-5B11-4AC3-A4D9-C2816F9A37DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_tp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE8F082D-04C4-4A3E-B3D1-6C2914C2917E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_mp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2271FBE-FF50-4614-A4A5-BBAB800F5FBD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_mp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C30B3C-90EF-4244-9235-D87A421850DC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_op_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "217870AC-9EB0-4BDE-A2E2-381055B8E69C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_op:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A17F4CDF-5367-4343-AA1E-0C452495E598",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions \u003c V15 Update 4), SIMATIC WinCC Runtime Professional (All versions \u003c V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions \u003c V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The webserver of affected HMI devices may allow URL redirections to untrusted websites. An attacker must trick a valid user who is authenticated to the device into clicking on a malicious link to exploit the vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Panels 4\" - 22\" (todas las versiones anteriores a V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7\" 15\" (todas las versiones anteriores a V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 y KTP900F (todas las versiones anteriores a V15 Update 4), SIMATIC WinCC Runtime Advanced (todas las versiones anteriores a V15 Update 4), SIMATIC WinCC Runtime Professional (todas las versiones anteriores a V15 Update 4), SIMATIC WinCC (TIA Portal) (todas las versiones anteriores a V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (todas las versiones). El servidor web de los dispositivos HMI podr\u00eda permitir redirecciones de URL a sitios web no fiables. Un atacante debe enga\u00f1ar a un usuario v\u00e1lido autenticado en el dispositivo para que haga clic en un enlace malicioso y explote esta vulnerabilidad. En el momento de la publicaci\u00f3n del aviso, no se conoce ninguna explotaci\u00f3n p\u00fablica de la vulnerabilidad de seguridad."
    }
  ],
  "id": "CVE-2018-13813",
  "lastModified": "2024-11-21T03:48:07.380",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-12-13T16:29:00.320",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105922"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105922"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-601"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-601"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2019-04-17 14:29

Modified

2024-11-21 04:46

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V2.7), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions < V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions < V1.1.0), SIMATIC RF600R family (All versions < V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.5 < V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions < V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Upd 4), SINEC NMS (All versions < V1.0 SP1), SINEMA Server (All versions < V14 SP2), SINUMERIK OPC UA Server (All versions < V2.1), TeleControl Server Basic (All versions < V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication.

References

▼	URL	Tags
	productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf	Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	simatic_cp443-1_opc_ua_firmware	*
siemens	simatic_cp443-1_opc_ua	-
siemens	simatic_et_200_open_controller_cpu_1515sp_pc2_firmware	*
siemens	simatic_et_200_open_controller_cpu_1515sp_pc2	-
siemens	simatic_ipc_diagmonitor_firmware	*
siemens	simatic_ipc_diagmonitor	-
siemens	simatic_net_pc_software_firmware	*
siemens	simatic_net_pc_software	-
siemens	simatic_rf188c_firmware	*
siemens	simatic_rf188c	-
siemens	simatic_rf600r_firmware	*
siemens	simatic_rf600r	-
siemens	simatic_s7-1500_firmware	*
siemens	simatic_s7-1500	-
siemens	opc_unified_architecture	*
siemens	simatic_s7-1500_software_controller	*
siemens	simatic_wincc_oa	*
siemens	simatic_wincc_runtime_advanced	*
siemens	simatic_wincc_runtime_comfort	*
siemens	simatic_wincc_runtime_hsp_comfort	*
siemens	simatic_wincc_runtime_mobile	*
siemens	sinec-nms	*
siemens	sinec-nms	1.0
siemens	sinema_server	*
siemens	sinumerik_opc_ua_server	*
siemens	telecontrol_server_basic	*
siemens	simatic_s7-1500f_firmware	*
siemens	simatic_s7-1500f	-
siemens	simatic_s7-1500s_firmware	*
siemens	simatic_s7-1500s	-
siemens	simatic_s7-1500t_firmware	*
siemens	simatic_s7-1500t	-
siemens	simatic_hmi_comfort_outdoor_panels_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_cp443-1_opc_ua_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D0780D2-8892-490E-9C38-6D1516EBCA76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_cp443-1_opc_ua:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47272AD2-1D05-419E-A6BE-8836DF69FF82",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_et_200_open_controller_cpu_1515sp_pc2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFB5AE88-04E5-467E-85E5-D3C0DDA2B21F",
              "versionEndExcluding": "2.7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_et_200_open_controller_cpu_1515sp_pc2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF0944C4-8FD7-4B00-85B7-6DB430EAA884",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_ipc_diagmonitor_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "91371CD0-EBDF-43C5-A262-A46E1C343716",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_ipc_diagmonitor:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5E06833-4C26-40AC-B6CF-F7D1322462D6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_pc_software_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "77022802-113F-42E7-8FBF-C47BB50E8DA7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_pc_software:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7A00F5A-9B28-45FF-8549-290302939DFD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F3D41E9-58B3-4251-8710-A8C4A24ABBD3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf600r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9523EC09-36C9-41E1-A485-C75819A2DB72",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf600r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFA55275-691D-4269-93E4-C559C89E3FA3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "065D2218-EA10-410E-A49A-C9A259469421",
              "versionEndIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "30DDEA9B-E1BF-4572-8E12-D13C54603E77",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:opc_unified_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6230C5B0-2F36-4C94-BA28-D36170952423",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_s7-1500_software_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "054D17CD-74AF-473E-A3BC-7B69DFB1C04B",
              "versionEndIncluding": "2.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_oa:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B74D88E-E8D7-4AA9-8B54-CC833E26CEB4",
              "versionEndExcluding": "3.15-p018",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79EE15DC-74D3-4551-AAD0-EA0CB600DA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_comfort:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9AE946B-D532-4CEB-B109-C8B951B61E49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_hsp_comfort:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49D722B2-948B-4F11-AD36-E1378BB40403",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_mobile:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "455411C4-037C-47BF-9BD6-AC7F9C2D30F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinec-nms:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8ED63145-9082-4346-871B-DF0A6F91E7F0",
              "versionEndExcluding": "1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinec-nms:1.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "1F6F05DC-0FBA-4D25-A2E6-06D873B3DFAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinema_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C55DA617-6333-40DA-AB7D-EE49A453E143",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinumerik_opc_ua_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E31B88B-E743-4DFD-996B-154F7F48C510",
              "versionEndExcluding": "2.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:telecontrol_server_basic:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2ECBEF2-9B1A-49F8-9850-0AF09BF71ED7",
              "versionEndExcluding": "3.1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1500f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "58CCDA0F-F657-4AF8-BE53-A3993C0280B3",
              "versionEndIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1500f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A255BC06-2776-4111-A525-76B17371B295",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1500s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3F162D0-998E-4EC9-BA59-D9B47B07EF69",
              "versionEndIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1500s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1752A2A-0034-4E00-AAC6-FA15345D7A41",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1500t_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C47ADAD6-2DDE-49EF-864B-CC9448399E7B",
              "versionEndIncluding": "2.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1500t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "741B2C38-174C-49DF-98D8-F7D6F49D1CE5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299F88D-8885-4871-93E1-CBEFD3156B15",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "F18EA7BD-47D0-4367-8F18-C89239B201E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:upd_1:*:*:*:*:*:*",
              "matchCriteriaId": "DE71784C-012F-40EC-82E2-3BE8589F00DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:upd_2:*:*:*:*:*:*",
              "matchCriteriaId": "C5A35FDE-C76F-430E-BD15-373F9F30FED5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:upd_3:*:*:*:*:*:*",
              "matchCriteriaId": "37A6344F-CB58-4CFA-A971-395BFB3FF02B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4830E0D-0128-4E5B-AB81-2B238471AE4B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:upd_1:*:*:*:*:*:*",
              "matchCriteriaId": "E949961E-320A-4E25-A0CA-5EBC7DA0AD9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:upd_2:*:*:*:*:*:*",
              "matchCriteriaId": "A390DCB7-4511-4931-A34B-BF6A9B84370D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:upd_3:*:*:*:*:*:*",
              "matchCriteriaId": "FF5136A8-130C-4121-A250-B4DE5883239E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:upd_1:*:*:*:*:*:*",
              "matchCriteriaId": "862B1996-202B-42DF-A7DA-D01CD43C4AB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:upd_2:*:*:*:*:*:*",
              "matchCriteriaId": "7AFD3E4C-7125-4FB5-991F-76A31AD61BD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:upd_3:*:*:*:*:*:*",
              "matchCriteriaId": "71172F82-C9B6-4DEC-ADCC-F455E72936CA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:upd_1:*:*:*:*:*:*",
              "matchCriteriaId": "A8CA985F-3678-46F4-BE2E-BDBCCD1BC0FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:upd_2:*:*:*:*:*:*",
              "matchCriteriaId": "1A28CC05-0CEA-4221-83CE-4029726F60E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:upd_3:*:*:*:*:*:*",
              "matchCriteriaId": "5D612CB7-45A0-44AC-BB96-12AFE2B14CE8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:upd_1:*:*:*:*:*:*",
              "matchCriteriaId": "7B0FAB4F-7D95-4FC0-AF59-CCEDC6E22DC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:upd_2:*:*:*:*:*:*",
              "matchCriteriaId": "5C925AE3-7262-4DDD-803D-D871A66CD2B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:upd_3:*:*:*:*:*:*",
              "matchCriteriaId": "E64DEED6-7E6F-4E79-BA4D-2B2E43B2B97D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:upd_1:*:*:*:*:*:*",
              "matchCriteriaId": "9429BA23-CB76-4574-B7F8-530882CF704A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:upd_2:*:*:*:*:*:*",
              "matchCriteriaId": "3794C871-098D-428F-89EA-ADDEFD4E4A86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:upd_3:*:*:*:*:*:*",
              "matchCriteriaId": "386F501D-5C7D-4336-A39D-31B12C5BCB56",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V2.7), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions \u003c V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions \u003c V1.1.0), SIMATIC RF600R family (All versions \u003c V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.5 \u003c V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions \u003c V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Upd 4), SINEC NMS (All versions \u003c V1.0 SP1), SINEMA Server (All versions \u003c V14 SP2), SINUMERIK OPC UA Server (All versions \u003c V2.1), TeleControl Server Basic (All versions \u003c V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC CP 443-1 OPC UA (todas las versiones), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incluidas las variantes SIPLUS) (todas las versiones anteriores a V2.7), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026amp; 15\" (incluidas las variantes SIPLUS) (todas las versiones anteriores a V15.1 Upd 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incluidas las variantes SIPLUS) (todas las versiones anteriores a V15. 1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 y KTP900F (Todas las versiones anteriores a V15.1 Upd 4), SIMATIC IPC DiagMonitor (Todas las versiones anteriores a V5.1. 3), SIMATIC NET PC Software V13 (Todas las versiones), SIMATIC NET PC Software V14 (Todas las versiones anteriores a V14 SP1 Update 14), SIMATIC NET PC Software V15 (Todas las versiones), SIMATIC RF188C (Todas las versiones anteriores a V1. 1.0), familia SIMATIC RF600R (Todas las versiones anteriores a V3.2.1), familia de CPUs SIMATIC S7-1500 (incluidas las CPUs ET200 relacionadas y las variantes SIPLUS) (Todas las versiones posteriores o iguales a V2.5 anteriores a V2.6.1), SIMATIC S7-1500 Software Controller (Todas las versiones entre V2.5 (incluida) y V2.7 (excluida)), SIMATIC WinCC OA (Todas las versiones anteriores a V3. 15 P018), SIMATIC WinCC Runtime Advanced (Todas las versiones anteriores a V15.1 Upd 4), SINEC NMS (Todas las versiones anteriores a V1.0 SP1), SINEMA Server (Todas las versiones anteriores a V14 SP2), SINUMERIK OPC UA Server (Todas las versiones anteriores a V2.1), TeleControl Server Basic (Todas las versiones anteriores a V3.1.1). Los paquetes de red especialmente dise\u00f1ados que se env\u00edan a los dispositivos afectados en el puerto 4840/tcp podr\u00edan permitir a un atacante remoto no autenticado provocar una condici\u00f3n de denegaci\u00f3n de servicio de la comunicaci\u00f3n OPC o bloquear el dispositivo. La vulnerabilidad de seguridad podr\u00eda ser explotada por un atacante con acceso a la red de los sistemas afectados. La explotaci\u00f3n exitosa no requiere privilegios del sistema ni interacci\u00f3n del usuario. Un atacante podr\u00eda utilizar la vulnerabilidad para comprometer la disponibilidad de la comunicaci\u00f3n OPC"
    }
  ],
  "id": "CVE-2019-6575",
  "lastModified": "2024-11-21T04:46:43.960",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-04-17T14:29:03.760",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-248"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-755"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-05-12 14:15

Modified

2024-11-21 05:55

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition.

References

URL	Tags
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	Vendor Advisory
productcert@siemens.com	https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12	Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
siemens	simatic_wincc_runtime_advanced	*
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"	-
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"	-
siemens	simatic_hmi_comfort_panels_4\"_firmware	*
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"	-
siemens	simatic_hmi_comfort_panels_22\"_firmware	*
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"	-
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"	-
siemens	simatic_hmi_comfort_panels_4\"_firmware	*
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"	-
siemens	simatic_hmi_comfort_panels_22\"_firmware	*
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-
siemens	simatic_wincc_runtime_advanced	*
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0891D85-C5F4-4CD2-8EFA-84356CE36654",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "E0005A53-33AD-47AF-B172-CAF423DE213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "9696B0D9-5A66-4747-9437-791EAC150DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "F6AC2BA5-1668-4B71-8812-925AC6554F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "047D0868-3DA6-41CF-A6F9-D15668D536FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "244D9B27-649C-4983-B374-6A8774771AC5",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "A2530BB3-484C-4D24-82F6-15967C8B7B32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A1FACE-E693-4FDA-944D-0B7F500007B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7FB4AA4-1F48-4A25-AA21-5F867A38D23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "6A673BD0-96B5-48CA-B060-A5D01687A764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "428B633D-55FF-4DB8-B6DD-5E4EEE52A44C",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A64DD-22A2-4260-929F-7595CD037823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "9756D206-E295-4B0C-B159-F9A953342E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "82D6FBBF-FD9B-4AFA-B3E1-8E3341948A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D43D2191-DBBD-4F7A-B02A-3DCEE46BF904",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "23C6AD3C-C15B-4B67-88D1-236C10BB12CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE4201E-E660-4B3E-91EC-B6A7DC35C189",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2D6D924-858A-4542-BCD0-A5631F941039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "309E4D56-6D39-4E8F-8312-FF178B721392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EDB63639-3101-4F60-8193-EF219D99C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4C6C83EE-3DC7-4CB3-8148-CB24A825274E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6C72B0-17D7-491E-816A-AF855166A90B",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "322584EF-72C0-4032-A02B-FDFFDCCE3FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5F1BA-2BEA-40A9-8D5B-A612D467C40C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D14DE5C7-318A-4D08-BB39-1E43F624816A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "FCDAF23F-9272-4DC5-8D46-37FAC08950CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FB0305-DF87-42FF-BACA-E8255EA74AA9",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BAA5B299-A45A-4918-AB8F-03A476CEDA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0C29FD64-C041-4269-BC52-8F91321BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7182C6C0-7DAD-4446-B14E-8EF46FB0CFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F972-26AF-4A6E-AAD9-B30EBDF52465",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B8F3D-5E02-4F0F-9927-9D7C336EBE56",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "845C78A9-AE0F-42B9-9E25-47F541DF5196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B23096F5-3546-41D8-BE30-8698BC0C9B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7C5AF13-69FF-444F-B84A-130D7413B307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "66A17FC6-B6AE-4915-8069-68B41F3C87E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C618736-1382-4515-A295-6EC67A2731EA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AD5A8-768E-4747-AD89-B924D369565E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FD1E4-4A01-4BFB-9D2A-5A030C37BD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5C3DC-E67F-4773-B32C-6B362C94BCBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "C96C7676-9A0D-46B5-9C49-5F5CE873E2C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF42C3EA-84A5-4419-ACBA-6A2F8DB994E2",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "105CCE4B-D8F9-43EA-9089-CEE16A410751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "7C163E7E-C9E3-4FBD-885A-C2E7FB8B845F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3DD84-BDAC-4583-BD61-799A5F01A5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F6758-0B36-4546-A7A7-A4C71B63772E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A613F7-4EA4-40FF-931F-EF3C477300DA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "4B048552-A26D-419E-9EEA-9AFD9457B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0E4E1016-F217-4B75-83D7-F73B1C5A54F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EF2F6982-2C38-4F9B-87A4-AE4404197B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "7745AA84-BC12-4DBD-90A6-DA294EADB7BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CFFD89-1FF2-4F25-A5AB-D6FF8F721132",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA4B198A-8288-459D-9586-CD402DE23023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FDB83-702A-41D5-B2A5-BDA58B7E13D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D972823A-1128-4222-8910-9CA3D38B472F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A05007D7-3C49-4192-ABDF-FE94BA7FD1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "869AD837-79B1-4F76-947B-7DCAD172BDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "5C152EB8-A13A-4F16-994A-B6D93A017CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F38FBA-7D23-4CB2-9A2D-45616E2A2DFB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "553C9A57-A9D2-47F9-ABA8-042B05DE46C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "8F5F3B33-2A82-4CDF-A678-76DE13F256D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "9FE49F2D-B904-4E48-AAFD-669141B570F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "729F784C-9AC0-4231-A75A-1FA8373FA31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "FA61AC05-061D-4EE7-BFEF-568F30B9B883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "374BAF2F-0A32-4F1A-B838-894F9E9D3E0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C636FCD-78AE-4FA2-95E5-2BBD5A88DA68",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "FDE42199-9152-41A3-BE56-E6789315CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "040F990F-F3C2-46EF-9E40-FD136A19575F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "748BFFBC-56BD-42EC-9B5F-0752D2A70D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B37490B0-A214-4A62-9B67-934048921C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "3D7B9F45-5749-4F36-961D-6C5D650ADA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F544593D-368B-4EC1-8448-8C2BA1301216",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D26D9F-7081-42B2-8AE4-D04E8429B88D",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F902732-9944-4821-BCFB-9937D1301FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B0C061AC-3E64-4667-A0E7-DD58B2E5A014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "3EECF743-25E8-4483-AA68-B304B38A9290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2F557157-AAD6-4601-84C2-2F8574F23683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A6BF6644-AF29-4541-9D6A-D07D0CC026F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "C4FD5396-8094-4DD0-BE7B-0FB6CC6D45F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5B130C2-28B8-464C-981C-B5662B4B4309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "79407355-4181-4082-A661-C27734D95363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "8989C7D4-5246-443E-B6E4-8E91462B2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "2BFBC5B2-B00B-4FCD-86B1-A187122035AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B47671A7-A8DB-4DA2-9076-78708C7F1C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F36ABC58-C9FE-4F4A-AB81-26D48A79FFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "A87DD9FF-9CA3-4AE2-8C86-C30A779E0CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "891AF48F-1F4D-4AB8-AE66-FBABDD2CAA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5052CB07-626A-46C4-8966-B8C9325A3BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "6CD47CC7-1414-42C9-94C6-9DBC2C1D9CBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "81CE70BF-EBBE-4CD7-999C-25662670EFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "034B7CFC-1234-4914-8C84-7E5BD5FB6E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "221EB3AE-1420-46F8-9EAD-1914503B0435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5F9A416C-277F-44B0-A74C-263CB0C37D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "FA858127-69A0-4280-80A8-65E0778A90AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A35D0B0C-695D-4274-8B9E-69ED20B62585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "FE9C9981-BA54-48BB-A89D-3CA06C7E17C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "EA400339-123F-494A-8CD8-7232281E7D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "C8E943A5-E35C-4CFA-8998-A74385C8740B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F4D7038E-C705-4FB9-A2D3-82FFC8EE80CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AA0728BD-F463-456C-A6EB-9FF2FD42AA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0B884-C99A-4854-992F-8588840CC296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04BA4916-5693-4915-B4D7-29D97FA02474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "DC588CE7-1F9D-43EF-A478-C23C8D909685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "2DE08529-E210-48C1-A7C3-D2D316902A40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "8104E528-ED7D-451E-8834-057295A7FF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0AF02DF4-7190-4F6C-8F15-37581FFC9B86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (Todas las versiones anteriores a V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (Todas las versiones anteriores a V16 Update 4). SmartVNC tiene una vulnerabilidad de acceso a la memoria fuera de los l\u00edmites que podr\u00eda activarse en el lado del cliente al enviar datos desde el servidor, lo que podr\u00eda dar lugar a una condici\u00f3n de denegaci\u00f3n de servicio"
    }
  ],
  "id": "CVE-2021-25661",
  "lastModified": "2024-11-21T05:55:14.483",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-12T14:15:11.300",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-788"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-05-12 14:15

Modified

2024-11-21 05:57

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition.

References

URL	Tags
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf	Vendor Advisory
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	Vendor Advisory
productcert@siemens.com	https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12	Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
siemens	simatic_wincc_runtime_advanced	*
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_wincc_runtime_advanced	16
siemens	simatic_wincc_runtime_advanced	16
siemens	sinamics_sh150_firmware	*
siemens	sinamics_sh150	-
siemens	sinamics_sm150i_firmware	*
siemens	sinamics_sm150i	-
siemens	sinamics_gh150_firmware	*
siemens	sinamics_gh150	-
siemens	sinamics_gl150_firmware	*
siemens	sinamics_gl150	-
siemens	sinamics_gm150_firmware	*
siemens	sinamics_gm150	-
siemens	sinamics_sl150_firmware	*
siemens	sinamics_sl150	-
siemens	sinamics_sm120_firmware	*
siemens	sinamics_sm120	-
siemens	sinamics_sm150_firmware	*
siemens	sinamics_sm150	-
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_7\"	-
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	16
siemens	simatic_hmi_comfort_outdoor_panels_15\"	-
siemens	simatic_hmi_comfort_panels_4\"_firmware	*
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"_firmware	16
siemens	simatic_hmi_comfort_panels_4\"	-
siemens	simatic_hmi_comfort_panels_22\"_firmware	*
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"_firmware	16
siemens	simatic_hmi_comfort_panels_22\"	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	16
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_7\"	-
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"_firmware	15.1
siemens	simatic_hmi_comfort_outdoor_panels_15\"	-
siemens	simatic_hmi_comfort_panels_4\"_firmware	*
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_4\"	-
siemens	simatic_hmi_comfort_panels_22\"_firmware	*
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"_firmware	15.1
siemens	simatic_hmi_comfort_panels_22\"	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	15.1
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-
siemens	simatic_wincc_runtime_advanced	*
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1
siemens	simatic_wincc_runtime_advanced	15.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0891D85-C5F4-4CD2-8EFA-84356CE36654",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "E0005A53-33AD-47AF-B172-CAF423DE213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "9696B0D9-5A66-4747-9437-791EAC150DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "F6AC2BA5-1668-4B71-8812-925AC6554F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "047D0868-3DA6-41CF-A6F9-D15668D536FB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F1FAFD2-1E4D-44F3-87A1-8A1380B980BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC7AA8D-9046-4111-A263-38343997F984",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150i_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6067521-A21D-4B2A-AFB2-2E033F66B63E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A44DEAD8-8DB8-41CC-9495-B842BE76EA8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BF9157D-0089-4569-9AA1-4DEE94140D25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF977545-395A-4C34-BB22-A1047B5B6E85",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D780400-0AA8-449C-B754-7167CA878D3D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DED7F33B-D475-4232-8683-48554A6729F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61CD50EE-6C46-445E-8D46-82768CAAC305",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD76CFB0-B5D7-40DC-8D14-FC9C9BACF3CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E032554B-7F51-4482-AF55-743FFB5AC352",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6619B0F-7CDC-40A6-89B2-C6067AF45214",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm120_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFE3048-EEB0-48A0-BED0-8647284B022B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444DD77F-DB65-4766-A89D-7A679B4CA1E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B7E1DE-61B5-4CFC-8640-EB8029CD79D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE231E2-2B2B-407A-BF7A-9EA35F394229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "244D9B27-649C-4983-B374-6A8774771AC5",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "A2530BB3-484C-4D24-82F6-15967C8B7B32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A1FACE-E693-4FDA-944D-0B7F500007B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7FB4AA4-1F48-4A25-AA21-5F867A38D23E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "6A673BD0-96B5-48CA-B060-A5D01687A764",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "428B633D-55FF-4DB8-B6DD-5E4EEE52A44C",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A64DD-22A2-4260-929F-7595CD037823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "9756D206-E295-4B0C-B159-F9A953342E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "82D6FBBF-FD9B-4AFA-B3E1-8E3341948A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D43D2191-DBBD-4F7A-B02A-3DCEE46BF904",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "23C6AD3C-C15B-4B67-88D1-236C10BB12CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE4201E-E660-4B3E-91EC-B6A7DC35C189",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "F2D6D924-858A-4542-BCD0-A5631F941039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "309E4D56-6D39-4E8F-8312-FF178B721392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EDB63639-3101-4F60-8193-EF219D99C128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "4C6C83EE-3DC7-4CB3-8148-CB24A825274E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6C72B0-17D7-491E-816A-AF855166A90B",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "322584EF-72C0-4032-A02B-FDFFDCCE3FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5F1BA-2BEA-40A9-8D5B-A612D467C40C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D14DE5C7-318A-4D08-BB39-1E43F624816A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "FCDAF23F-9272-4DC5-8D46-37FAC08950CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FB0305-DF87-42FF-BACA-E8255EA74AA9",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BAA5B299-A45A-4918-AB8F-03A476CEDA17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0C29FD64-C041-4269-BC52-8F91321BC247",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7182C6C0-7DAD-4446-B14E-8EF46FB0CFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F972-26AF-4A6E-AAD9-B30EBDF52465",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B8F3D-5E02-4F0F-9927-9D7C336EBE56",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "845C78A9-AE0F-42B9-9E25-47F541DF5196",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B23096F5-3546-41D8-BE30-8698BC0C9B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D7C5AF13-69FF-444F-B84A-130D7413B307",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "66A17FC6-B6AE-4915-8069-68B41F3C87E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C618736-1382-4515-A295-6EC67A2731EA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC0AD5A8-768E-4747-AD89-B924D369565E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4C2FD1E4-4A01-4BFB-9D2A-5A030C37BD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "0AA5C3DC-E67F-4773-B32C-6B362C94BCBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "C96C7676-9A0D-46B5-9C49-5F5CE873E2C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF42C3EA-84A5-4419-ACBA-6A2F8DB994E2",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "105CCE4B-D8F9-43EA-9089-CEE16A410751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "7C163E7E-C9E3-4FBD-885A-C2E7FB8B845F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "2CD3DD84-BDAC-4583-BD61-799A5F01A5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "0A4F6758-0B36-4546-A7A7-A4C71B63772E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A613F7-4EA4-40FF-931F-EF3C477300DA",
              "versionEndExcluding": "16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:-:*:*:*:*:*:*",
              "matchCriteriaId": "4B048552-A26D-419E-9EEA-9AFD9457B70B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update1:*:*:*:*:*:*",
              "matchCriteriaId": "0E4E1016-F217-4B75-83D7-F73B1C5A54F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update2:*:*:*:*:*:*",
              "matchCriteriaId": "EF2F6982-2C38-4F9B-87A4-AE4404197B7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:16:update3:*:*:*:*:*:*",
              "matchCriteriaId": "7745AA84-BC12-4DBD-90A6-DA294EADB7BF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "67CFFD89-1FF2-4F25-A5AB-D6FF8F721132",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BA4B198A-8288-459D-9586-CD402DE23023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AC4FDB83-702A-41D5-B2A5-BDA58B7E13D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D972823A-1128-4222-8910-9CA3D38B472F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A05007D7-3C49-4192-ABDF-FE94BA7FD1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "869AD837-79B1-4F76-947B-7DCAD172BDC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_7\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "5C152EB8-A13A-4F16-994A-B6D93A017CC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_7\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B531FDD4-2796-4FE9-9F94-E9D461C7C528",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F38FBA-7D23-4CB2-9A2D-45616E2A2DFB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "553C9A57-A9D2-47F9-ABA8-042B05DE46C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "8F5F3B33-2A82-4CDF-A678-76DE13F256D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "9FE49F2D-B904-4E48-AAFD-669141B570F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "729F784C-9AC0-4231-A75A-1FA8373FA31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "FA61AC05-061D-4EE7-BFEF-568F30B9B883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_15\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "374BAF2F-0A32-4F1A-B838-894F9E9D3E0F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels_15\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39DA22F7-E4B6-4A1E-9CCB-651EBEFD691D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C636FCD-78AE-4FA2-95E5-2BBD5A88DA68",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "FDE42199-9152-41A3-BE56-E6789315CF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "040F990F-F3C2-46EF-9E40-FD136A19575F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "748BFFBC-56BD-42EC-9B5F-0752D2A70D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B37490B0-A214-4A62-9B67-934048921C1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "3D7B9F45-5749-4F36-961D-6C5D650ADA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_4\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F544593D-368B-4EC1-8448-8C2BA1301216",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_4\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D63658BB-2364-4DE5-904B-2367B70294AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9D26D9F-7081-42B2-8AE4-D04E8429B88D",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F902732-9944-4821-BCFB-9937D1301FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B0C061AC-3E64-4667-A0E7-DD58B2E5A014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "3EECF743-25E8-4483-AA68-B304B38A9290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2F557157-AAD6-4601-84C2-2F8574F23683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "A6BF6644-AF29-4541-9D6A-D07D0CC026F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_22\\\"_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "C4FD5396-8094-4DD0-BE7B-0FB6CC6D45F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels_22\\\":-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFDC8157-7EA3-4BC4-82C1-06A307996F45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5B130C2-28B8-464C-981C-B5662B4B4309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "79407355-4181-4082-A661-C27734D95363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "8989C7D4-5246-443E-B6E4-8E91462B2E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "2BFBC5B2-B00B-4FCD-86B1-A187122035AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B47671A7-A8DB-4DA2-9076-78708C7F1C42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F36ABC58-C9FE-4F4A-AB81-26D48A79FFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "A87DD9FF-9CA3-4AE2-8C86-C30A779E0CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "891AF48F-1F4D-4AB8-AE66-FBABDD2CAA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5052CB07-626A-46C4-8966-B8C9325A3BB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "6CD47CC7-1414-42C9-94C6-9DBC2C1D9CBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "81CE70BF-EBBE-4CD7-999C-25662670EFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "034B7CFC-1234-4914-8C84-7E5BD5FB6E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "221EB3AE-1420-46F8-9EAD-1914503B0435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "5F9A416C-277F-44B0-A74C-263CB0C37D03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "FA858127-69A0-4280-80A8-65E0778A90AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A35D0B0C-695D-4274-8B9E-69ED20B62585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "FE9C9981-BA54-48BB-A89D-3CA06C7E17C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "EA400339-123F-494A-8CD8-7232281E7D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "C8E943A5-E35C-4CFA-8998-A74385C8740B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "F4D7038E-C705-4FB9-A2D3-82FFC8EE80CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "AA0728BD-F463-456C-A6EB-9FF2FD42AA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0B884-C99A-4854-992F-8588840CC296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "04BA4916-5693-4915-B4D7-29D97FA02474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "DC588CE7-1F9D-43EF-A478-C23C8D909685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "2DE08529-E210-48C1-A7C3-D2D316902A40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update4:*:*:*:*:*:*",
              "matchCriteriaId": "8104E528-ED7D-451E-8834-057295A7FF49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update5:*:*:*:*:*:*",
              "matchCriteriaId": "0AF02DF4-7190-4F6C-8F15-37581FFC9B86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026amp; 15\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incluyendo las variantes SIPLUS) (Todas las versiones anteriores a V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (Todas las versiones anteriores a V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (Todas las versiones anteriores a V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (Todas las versiones anteriores a V16 Update 4), SINAMICS GH150 (Todas las versiones), SINAMICS GL150 (con la opci\u00f3n X30) (Todas las versiones), SINAMICS GM150 (with option X30) (Todas las versiones), SINAMICS SH150 (Todas las versiones), SINAMICS SL150 (Todas las versiones), SINAMICS SM120 (Todas las versiones), SINAMICS SM150 (Todas las versiones), SINAMICS SM150i (Todas las versiones). SmartVNC tiene una vulnerabilidad de fuga de asignaci\u00f3n de heap en el codificador Tight del servidor, que podr\u00eda dar lugar a una condici\u00f3n de denegaci\u00f3n de servicio"
    }
  ],
  "id": "CVE-2021-27383",
  "lastModified": "2024-11-21T05:57:53.060",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-05-12T14:15:11.633",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-12-13 16:29

Modified

2024-11-21 03:48

Severity ?

8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V14), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V14), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V14), SIMATIC WinCC Runtime Advanced (All versions < V14), SIMATIC WinCC Runtime Professional (All versions < V14), SIMATIC WinCC (TIA Portal) (All versions < V14), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server (port 80/tcp and port 443/tcp) of the affected devices could allow an attacker to inject HTTP headers. An attacker must trick a valid user who is authenticated to the device into clicking on a malicious link to exploit the vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

References

URL	Tags
productcert@siemens.com	http://www.securityfocus.com/bid/105931	Third Party Advisory, VDB Entry
productcert@siemens.com	https://cert-portal.siemens.com/productcert/pdf/ssa-944083.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/105931	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://cert-portal.siemens.com/productcert/pdf/ssa-944083.pdf	Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	simatic_hmi_comfort_panels_firmware	*
siemens	simatic_hmi_comfort_panels	-
siemens	simatic_hmi_comfort_outdoor_panels_firmware	*
siemens	simatic_hmi_comfort_outdoor_panels	-
siemens	simatic_hmi_ktp_mobile_panels_ktp400f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp400f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700	-
siemens	simatic_hmi_ktp_mobile_panels_ktp700f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp700f	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900	-
siemens	simatic_hmi_ktp_mobile_panels_ktp900f_firmware	*
siemens	simatic_hmi_ktp_mobile_panels_ktp900f	-
siemens	simatic_wincc_\(tia_portal\)	*
siemens	simatic_wincc_runtime	*
siemens	simatic_wincc_runtime	*
siemens	simatic_hmi_tp_firmware	*
siemens	simatic_hmi_tp	-
siemens	simatic_hmi_mp_firmware	*
siemens	simatic_hmi_mp	-
siemens	simatic_hmi_op_firmware	*
siemens	simatic_hmi_op	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E4E5DE2-34BF-4B0E-9C53-FF53255DEA72",
              "versionEndExcluding": "14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BCFE761-35C9-43EF-85BC-E8083B9F75CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8ED4BD65-A2BC-45DB-8465-1A5846916522",
              "versionEndExcluding": "14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4830E0D-0128-4E5B-AB81-2B238471AE4B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A37DC20C-7FE9-42B0-BD92-01FD2F40D2A9",
              "versionEndExcluding": "14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B75E3C61-A501-4B4F-98E8-E0DA53C7CD78",
              "versionEndExcluding": "14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2A9006B-1C42-4E97-9FDA-225974F5FD16",
              "versionEndExcluding": "14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86A4CFE5-471A-4710-8712-66B0ECDC8214",
              "versionEndExcluding": "14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A449791-25A0-46A0-A022-EACCAE506189",
              "versionEndExcluding": "14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:*:*:*:*",
              "matchCriteriaId": "09ACCC3D-B2C3-4920-9A2D-EF4D65C60505",
              "versionEndExcluding": "14.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:advanced:*:*:*",
              "matchCriteriaId": "F4E97D44-F06E-411E-ABAA-ACFB8AABEFA3",
              "versionEndExcluding": "14.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:professional:*:*:*",
              "matchCriteriaId": "3876E5D8-AA56-4262-B245-CD5915AF4CAD",
              "versionEndExcluding": "14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_tp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "983886F3-5B11-4AC3-A4D9-C2816F9A37DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_tp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE8F082D-04C4-4A3E-B3D1-6C2914C2917E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_mp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2271FBE-FF50-4614-A4A5-BBAB800F5FBD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_mp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C30B3C-90EF-4244-9235-D87A421850DC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_op_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "217870AC-9EB0-4BDE-A2E2-381055B8E69C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_op:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A17F4CDF-5367-4343-AA1E-0C452495E598",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V14), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V14), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V14), SIMATIC WinCC Runtime Advanced (All versions \u003c V14), SIMATIC WinCC Runtime Professional (All versions \u003c V14), SIMATIC WinCC (TIA Portal) (All versions \u003c V14), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server (port 80/tcp and port 443/tcp) of the affected devices could allow an attacker to inject HTTP headers. An attacker must trick a valid user who is authenticated to the device into clicking on a malicious link to exploit the vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC HMI Comfort Panels 4\" - 22\", SIMATIC HMI Comfort Outdoor Panels 7\" 15\" (todas las versiones anteriores a V14 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 y KTP900F (todas las versiones anteriores a V14), SIMATIC WinCC Runtime Advanced (todas las versiones anteriores a V14), SIMATIC WinCC Runtime Professional (todas las versiones anteriores a V14), SIMATIC WinCC (TIA Portal) (todas las versiones anteriores a V14) y SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (todas las versiones). El servidor web integrado (puerto 80/tcp y puerto 443/tcp) de los dispositivos afectados podr\u00eda permitir que un atacante inyecte cabeceras HTTP. Un atacante debe enga\u00f1ar a un usuario v\u00e1lido autenticado en el dispositivo para que haga clic en un enlace malicioso y explote esta vulnerabilidad. En el momento de la publicaci\u00f3n del aviso, no se conoce ninguna explotaci\u00f3n p\u00fablica de la vulnerabilidad de seguridad."
    }
  ],
  "id": "CVE-2018-13814",
  "lastModified": "2024-11-21T03:48:07.560",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-12-13T16:29:00.350",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105931"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944083.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944083.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-113"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2019-6577

Vulnerability from cvelistv5

Published

2019-05-14 19:54

Modified

2024-08-04 20:23

Severity ?

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify particular parts of the device configuration via SNMP. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires system privileges and user interaction. An attacker could use the vulnerability to compromise confidentiality and the integrity of the affected system. At the stage of publishing this security advisory no public exploitation is known.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf	x_refsource_MISC
	http://www.securityfocus.com/bid/108412	vdb-entry, x_refsource_BID
	https://www.us-cert.gov/ics/advisories/ICSA-19-134-09	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

Siemens AG

SIMATIC HMI Comfort Panels 4" - 22"

Version: All versions < V15.1 Update 1

Siemens AG	SIMATIC HMI Comfort Outdoor Panels 7" & 15"	Version: All versions < V15.1 Update 1
Siemens AG	SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F	Version: All versions < V15.1 Update 1
Siemens AG	SIMATIC WinCC Runtime Advanced	Version: All versions < V15.1 Update 1
Siemens AG	SIMATIC WinCC Runtime Professional	Version: All versions < V15.1 Update 1
Siemens AG	SIMATIC WinCC (TIA Portal)	Version: All versions < V15.1 Update 1
Siemens AG	SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)	Version: All versions

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:23:22.189Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
          },
          {
            "name": "108412",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108412"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Panels 4\" - 22\"",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\"",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Professional",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC (TIA Portal)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify particular parts of the device configuration via SNMP. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires system privileges and user interaction. An attacker could use the vulnerability to compromise confidentiality and the integrity of the affected system. At the stage of publishing this security advisory no public exploitation is known."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-80",
              "description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-24T15:27:02",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
        },
        {
          "name": "108412",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108412"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2019-6577",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Panels 4\" - 22\"",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\"",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Professional",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC (TIA Portal)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify particular parts of the device configuration via SNMP. The security vulnerability could be exploited by an attacker with network access to the affected system. Successful exploitation requires system privileges and user interaction. An attacker could use the vulnerability to compromise confidentiality and the integrity of the affected system. At the stage of publishing this security advisory no public exploitation is known."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
            },
            {
              "name": "108412",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108412"
            },
            {
              "name": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-6577",
    "datePublished": "2019-05-14T19:54:48",
    "dateReserved": "2019-01-22T00:00:00",
    "dateUpdated": "2024-08-04T20:23:22.189Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-25661

Vulnerability from cvelistv5

Published

2021-05-12 13:18

Modified

2024-08-03 20:11

Severity ?

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition.

References

▼	URL	Tags
	https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12	x_refsource_MISC
	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

Siemens

SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants)

Version: All versions < V15.1 Update 6

Siemens	SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants)	Version: All versions < V16 Update 4
Siemens	SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants)	Version: All versions < V15.1 Update 6
Siemens	SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants)	Version: All versions < V16 Update 4
Siemens	SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F	Version: All versions < V15.1 Update 6
Siemens	SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F	Version: All versions < V16 Update 4
Siemens	SIMATIC WinCC Runtime Advanced V15	Version: All versions < V15.1 Update 6
Siemens	SIMATIC WinCC Runtime Advanced V16	Version: All versions < V16 Update 4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:11:27.591Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-788",
              "description": "CWE-788: Access of Memory Location After End of Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:12",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-25661",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the client side when sending data from the server, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-788: Access of Memory Location After End of Buffer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-25661",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-01-21T00:00:00",
    "dateUpdated": "2024-08-03T20:11:27.591Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-13812

Vulnerability from cvelistv5

Published

2018-12-13 16:00

Modified

2024-08-05 09:14

Severity ?

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V15 Update 4), SIMATIC WinCC Runtime Professional (All versions < V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions < V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). A directory traversal vulnerability could allow to download arbitrary files from the device. The security vulnerability could be exploited by an attacker with network access to the integrated web server. No user interaction and no authentication is required to exploit the vulnerability. The vulnerability impacts the confidentiality of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/105922	vdb-entry, x_refsource_BID
	https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

Siemens AG

SIMATIC HMI Comfort Panels 4" - 22", SIMATIC HMI Comfort Outdoor Panels 7" & 15", SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F, SIMATIC WinCC Runtime Advanced, SIMATIC WinCC Runtime Professional, SIMATIC WinCC (TIA Portal), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)

Version: SIMATIC HMI Comfort Panels 4" - 22" : All versions < V15 Update 4
Version: SIMATIC HMI Comfort Outdoor Panels 7" & 15" : All versions < V15 Update 4
Version: SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F : All versions < V15 Update 4
Version: SIMATIC WinCC Runtime Advanced : All versions < V15 Update 4
Version: SIMATIC WinCC Runtime Professional : All versions < V15 Update 4
Version: SIMATIC WinCC (TIA Portal) : All versions < V15 Update 4
Version: SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) : All versions

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:14:47.285Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "105922",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105922"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Panels 4\" - 22\", SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\", SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F, SIMATIC WinCC Runtime Advanced, SIMATIC WinCC Runtime Professional, SIMATIC WinCC (TIA Portal), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "SIMATIC HMI Comfort Panels 4\" - 22\" : All versions \u003c V15 Update 4"
            },
            {
              "status": "affected",
              "version": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" : All versions \u003c V15 Update 4"
            },
            {
              "status": "affected",
              "version": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F : All versions \u003c V15 Update 4"
            },
            {
              "status": "affected",
              "version": "SIMATIC WinCC Runtime Advanced : All versions \u003c V15 Update 4"
            },
            {
              "status": "affected",
              "version": "SIMATIC WinCC Runtime Professional : All versions \u003c V15 Update 4"
            },
            {
              "status": "affected",
              "version": "SIMATIC WinCC (TIA Portal) : All versions \u003c V15 Update 4"
            },
            {
              "status": "affected",
              "version": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) : All versions"
            }
          ]
        }
      ],
      "datePublic": "2018-12-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions \u003c V15 Update 4), SIMATIC WinCC Runtime Professional (All versions \u003c V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions \u003c V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). A directory traversal vulnerability could allow to download arbitrary files from the device. The security vulnerability could be exploited by an attacker with network access to the integrated web server. No user interaction and no authentication is required to exploit the vulnerability. The vulnerability impacts the confidentiality of the device. At the time of advisory publication no public exploitation of this security vulnerability was known."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-12-14T10:57:02",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "name": "105922",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105922"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2018-13812",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Panels 4\" - 22\", SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\", SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F, SIMATIC WinCC Runtime Advanced, SIMATIC WinCC Runtime Professional, SIMATIC WinCC (TIA Portal), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "SIMATIC HMI Comfort Panels 4\" - 22\" : All versions \u003c V15 Update 4"
                          },
                          {
                            "version_value": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" : All versions \u003c V15 Update 4"
                          },
                          {
                            "version_value": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F : All versions \u003c V15 Update 4"
                          },
                          {
                            "version_value": "SIMATIC WinCC Runtime Advanced : All versions \u003c V15 Update 4"
                          },
                          {
                            "version_value": "SIMATIC WinCC Runtime Professional : All versions \u003c V15 Update 4"
                          },
                          {
                            "version_value": "SIMATIC WinCC (TIA Portal) : All versions \u003c V15 Update 4"
                          },
                          {
                            "version_value": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) : All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions \u003c V15 Update 4), SIMATIC WinCC Runtime Professional (All versions \u003c V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions \u003c V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). A directory traversal vulnerability could allow to download arbitrary files from the device. The security vulnerability could be exploited by an attacker with network access to the integrated web server. No user interaction and no authentication is required to exploit the vulnerability. The vulnerability impacts the confidentiality of the device. At the time of advisory publication no public exploitation of this security vulnerability was known."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "105922",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105922"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2018-13812",
    "datePublished": "2018-12-13T16:00:00",
    "dateReserved": "2018-07-10T00:00:00",
    "dateUpdated": "2024-08-05T09:14:47.285Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-27385

Vulnerability from cvelistv5

Published

2021-05-12 13:18

Modified

2024-08-03 20:48

Severity ?

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	x_refsource_MISC
	https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf	x_refsource_MISC
	https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

Siemens

SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants)

Version: All versions < V15.1 Update 6

Siemens	SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants)	Version: All versions < V16 Update 4
Siemens	SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants)	Version: All versions < V15.1 Update 6
Siemens	SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants)	Version: All versions < V16 Update 4
Siemens	SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F	Version: All versions < V15.1 Update 6
Siemens	SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F	Version: All versions < V16 Update 4
Siemens	SIMATIC WinCC Runtime Advanced V15	Version: All versions < V15.1 Update 6
Siemens	SIMATIC WinCC Runtime Advanced V16	Version: All versions < V16 Update 4
Siemens	SINAMICS GH150	Version: All versions
Siemens	SINAMICS GL150 (with option X30)	Version: All versions
Siemens	SINAMICS GM150 (with option X30)	Version: All versions
Siemens	SINAMICS SH150	Version: All versions
Siemens	SINAMICS SL150	Version: All versions
Siemens	SINAMICS SM120	Version: All versions
Siemens	SINAMICS SM150	Version: All versions
Siemens	SINAMICS SM150i	Version: All versions

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.474Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:17",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27385",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). A remote attacker could send specially crafted packets to SmartVNC device layout handler on client side, which could influence the amount of resources consumed and result in a Denial-of-Service (infinite loop) condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400: Uncontrolled Resource Consumption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27385",
    "datePublished": "2021-05-12T13:18:23",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.474Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-25662

Vulnerability from cvelistv5

Published

2021-05-12 13:18

Modified

2024-08-03 20:11

Severity ?

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	x_refsource_MISC
	https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

Siemens

SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants)

Version: All versions < V15.1 Update 6

Siemens	SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants)	Version: All versions < V16 Update 4
Siemens	SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants)	Version: All versions < V15.1 Update 6
Siemens	SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants)	Version: All versions < V16 Update 4
Siemens	SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F	Version: All versions < V15.1 Update 6
Siemens	SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F	Version: All versions < V16 Update 4
Siemens	SIMATIC WinCC Runtime Advanced V15	Version: All versions < V15.1 Update 6
Siemens	SIMATIC WinCC Runtime Advanced V16	Version: All versions < V16 Update 4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:11:27.535Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-755",
              "description": "CWE-755: Improper Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:14",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-25662",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC client fails to handle an exception properly if the program execution process is modified after sending a packet from the server, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-755: Improper Handling of Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-25662",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-01-21T00:00:00",
    "dateUpdated": "2024-08-03T20:11:27.535Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-27384

Vulnerability from cvelistv5

Published

2021-05-12 13:18

Modified

2024-08-03 20:48

Severity ?

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	x_refsource_MISC
	https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf	x_refsource_MISC
	https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

Siemens

SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants)

Version: All versions < V15.1 Update 6

Siemens	SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants)	Version: All versions < V16 Update 4
Siemens	SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants)	Version: All versions < V15.1 Update 6
Siemens	SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants)	Version: All versions < V16 Update 4
Siemens	SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F	Version: All versions < V15.1 Update 6
Siemens	SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F	Version: All versions < V16 Update 4
Siemens	SIMATIC WinCC Runtime Advanced V15	Version: All versions < V15.1 Update 6
Siemens	SIMATIC WinCC Runtime Advanced V16	Version: All versions < V16 Update 4
Siemens	SINAMICS GH150	Version: All versions
Siemens	SINAMICS GL150 (with option X30)	Version: All versions
Siemens	SINAMICS GM150 (with option X30)	Version: All versions
Siemens	SINAMICS SH150	Version: All versions
Siemens	SINAMICS SL150	Version: All versions
Siemens	SINAMICS SM120	Version: All versions
Siemens	SINAMICS SM150	Version: All versions
Siemens	SINAMICS SM150i	Version: All versions

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.461Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-788",
              "description": "CWE-788: Access of Memory Location After End of Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:16",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27384",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has an out-of-bounds memory access vulnerability in the device layout handler, represented by a binary data stream on client side, which can potentially result in code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-788: Access of Memory Location After End of Buffer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27384",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.461Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-25660

Vulnerability from cvelistv5

Published

2021-05-12 13:18

Modified

2024-08-03 20:11

Severity ?

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

Siemens

SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants)

Version: All versions < V15.1 Update 6

Siemens	SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants)	Version: All versions < V16 Update 4
Siemens	SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants)	Version: All versions < V15.1 Update 6
Siemens	SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants)	Version: All versions < V16 Update 4
Siemens	SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F	Version: All versions < V15.1 Update 6
Siemens	SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F	Version: All versions < V16 Update 4
Siemens	SIMATIC WinCC Runtime Advanced V15	Version: All versions < V15.1 Update 6
Siemens	SIMATIC WinCC Runtime Advanced V16	Version: All versions < V16 Update 4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:11:27.734Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-788",
              "description": "CWE-788: Access of Memory Location After End of Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:11",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-25660",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4). SmartVNC has an out-of-bounds memory access vulnerability that could be triggered on the server side when sending data from the client, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-788: Access of Memory Location After End of Buffer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-25660",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-01-21T00:00:00",
    "dateUpdated": "2024-08-03T20:11:27.734Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-6568

Vulnerability from cvelistv5

Published

2019-04-17 13:40

Modified

2024-08-04 20:23

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C

Summary

The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf
	https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf

Impacted products

Vendor

Product

Version

▼

Siemens

SIMATIC CP 1604

Version: All versions

Siemens	SIMATIC CP 1616	Version: All versions
Siemens	SIMATIC CP 343-1 Advanced	Version: All versions
Siemens	SIMATIC CP 443-1	Version: All versions < V3.3
Siemens	SIMATIC CP 443-1	Version: All versions < V3.3
Siemens	SIMATIC CP 443-1 Advanced	Version: All versions < V3.3
Siemens	SIMATIC CP 443-1 OPC UA	Version: All versions
Siemens	SIMATIC ET 200pro IM154-8 PN/DP CPU	Version: All versions < V3.2.16
Siemens	SIMATIC ET 200pro IM154-8F PN/DP CPU	Version: All versions < V3.2.16
Siemens	SIMATIC ET 200pro IM154-8FX PN/DP CPU	Version: All versions < V3.2.16
Siemens	SIMATIC ET 200S IM151-8 PN/DP CPU	Version: All versions < V3.2.16
Siemens	SIMATIC ET 200S IM151-8F PN/DP CPU	Version: All versions < V3.2.16
Siemens	SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)	Version: All versions < V2.1.6
Siemens	SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)	Version: All versions < V2.7
Siemens	SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants)	Version: All versions < V15.1 Upd4
Siemens	SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants)	Version: All versions < V15.1 Upd4
Siemens	SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F	Version: All versions < V15.1 Upd4
Siemens	SIMATIC IPC DiagMonitor	Version: All versions < V5.1.3
Siemens	SIMATIC RF182C	Version: All versions
Siemens	SIMATIC RF185C	Version: All versions < V1.1.0
Siemens	SIMATIC RF186C	Version: All versions < V1.1.0
Siemens	SIMATIC RF188C	Version: All versions < V1.1.0
Siemens	SIMATIC RF600R family	Version: All versions < V3.2.1
Siemens	SIMATIC RFID 181EIP	Version: All versions
Siemens	SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)	Version: All versions < V2.6.1
Siemens	SIMATIC S7-1500 Software Controller	Version: All versions < V2.7
Siemens	SIMATIC S7-300 CPU 314C-2 PN/DP	Version: All versions < V3.3.16
Siemens	SIMATIC S7-300 CPU 315-2 PN/DP	Version: All versions < V3.2.16
Siemens	SIMATIC S7-300 CPU 315F-2 PN/DP	Version: All versions < V3.2.16
Siemens	SIMATIC S7-300 CPU 315T-3 PN/DP	Version: All versions < V3.2.16
Siemens	SIMATIC S7-300 CPU 317-2 PN/DP	Version: All versions < V3.2.16
Siemens	SIMATIC S7-300 CPU 317F-2 PN/DP	Version: All versions < V3.2.16
Siemens	SIMATIC S7-300 CPU 317T-3 PN/DP	Version: All versions < V3.2.16
Siemens	SIMATIC S7-300 CPU 317TF-3 PN/DP	Version: All versions < V3.2.16
Siemens	SIMATIC S7-300 CPU 319-3 PN/DP	Version: All versions < V3.2.16
Siemens	SIMATIC S7-300 CPU 319F-3 PN/DP	Version: All versions < V3.2.16
Siemens	SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)	Version: All versions
Siemens	SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)	Version: All versions
Siemens	SIMATIC S7-PLCSIM Advanced	Version: All versions < V2.0 SP1 UPD1
Siemens	SIMATIC Teleservice Adapter IE Advanced	Version: All versions
Siemens	SIMATIC Teleservice Adapter IE Basic	Version: All versions
Siemens	SIMATIC Teleservice Adapter IE Standard	Version: All versions
Siemens	SIMATIC WinAC RTX 2010	Version: All versions < V2010 SP3
Siemens	SIMATIC WinAC RTX F 2010	Version: All versions < V2010 SP3
Siemens	SIMATIC WinCC Runtime Advanced	Version: All versions < V15.1 Upd4
Siemens	SIMOCODE pro V Ethernet/IP (incl. SIPLUS variants)	Version: All versions < V1.1.3
Siemens	SIMOCODE pro V PROFINET (incl. SIPLUS variants)	Version: All versions < V2.1.3
Siemens	SINAMICS G130 V4.6 Control Unit	Version: All versions
Siemens	SINAMICS G130 V4.7 Control Unit	Version: All versions
Siemens	SINAMICS G130 V4.7 SP1 Control Unit	Version: All versions
Siemens	SINAMICS G130 V4.8 Control Unit	Version: All versions < V4.8 HF6
Siemens	SINAMICS G130 V5.1 Control Unit	Version: All versions
Siemens	SINAMICS G130 V5.1 SP1 Control Unit	Version: All versions < V5.1 SP1 HF4
Siemens	SINAMICS G150 V4.6 Control Unit	Version: All versions
Siemens	SINAMICS G150 V4.7 Control Unit	Version: All versions
Siemens	SINAMICS G150 V4.7 SP1 Control Unit	Version: All versions
Siemens	SINAMICS G150 V4.8 Control Unit	Version: All versions < V4.8 HF6
Siemens	SINAMICS G150 V5.1 Control Unit	Version: All versions
Siemens	SINAMICS G150 V5.1 SP1 Control Unit	Version: All versions < V5.1 SP1 HF4
Siemens	SINAMICS GH150 V4.7 (Control Unit)	Version: All versions
Siemens	SINAMICS GH150 V4.8 (Control Unit)	Version: All versions < V4.8 SP2 HF9
Siemens	SINAMICS GL150 V4.7 (Control Unit)	Version: All versions
Siemens	SINAMICS GL150 V4.8 (Control Unit)	Version: All versions < V4.8 SP2 HF9
Siemens	SINAMICS GM150 V4.7 (Control Unit)	Version: All versions
Siemens	SINAMICS GM150 V4.8 (Control Unit)	Version: All versions < V4.8 SP2 HF9
Siemens	SINAMICS S120 V4.6 Control Unit (incl. SIPLUS variants)	Version: All versions
Siemens	SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants)	Version: All versions
Siemens	SINAMICS S120 V4.7 SP1 Control Unit (incl. SIPLUS variants)	Version: All versions
Siemens	SINAMICS S120 V4.8 Control Unit (incl. SIPLUS variants)	Version: All versions < V4.8 HF6
Siemens	SINAMICS S120 V5.1 Control Unit (incl. SIPLUS variants)	Version: All versions
Siemens	SINAMICS S120 V5.1 SP1 Control Unit (incl. SIPLUS variants)	Version: All versions < V5.1 SP1 HF4
Siemens	SINAMICS S150 V4.6 Control Unit	Version: All versions
Siemens	SINAMICS S150 V4.7 Control Unit	Version: All versions
Siemens	SINAMICS S150 V4.7 SP1 Control Unit	Version: All versions
Siemens	SINAMICS S150 V4.8 Control Unit	Version: All versions < V4.8 HF6
Siemens	SINAMICS S150 V5.1 Control Unit	Version: All versions
Siemens	SINAMICS S150 V5.1 SP1 Control Unit	Version: All versions < V5.1 SP1 HF4
Siemens	SINAMICS S210	Version: All versions < V5.1 SP1 HF8
Siemens	SINAMICS SL150 V4.7 (Control Unit)	Version: All versions < V4.7 HF33
Siemens	SINAMICS SL150 V4.8 (Control Unit)	Version: All versions
Siemens	SINAMICS SM120 V4.7 (Control Unit)	Version: All versions
Siemens	SINAMICS SM120 V4.8 (Control Unit)	Version: All versions < V4.8 SP2 HF10
Siemens	SINAMICS SM150 V4.8 (Control Unit)	Version: All versions
Siemens	SIPLUS ET 200S IM151-8 PN/DP CPU	Version: All versions < V3.2.16
Siemens	SIPLUS ET 200S IM151-8F PN/DP CPU	Version: All versions < V3.2.16
Siemens	SIPLUS NET CP 343-1 Advanced	Version: All versions
Siemens	SIPLUS NET CP 443-1	Version: All versions < V3.3
Siemens	SIPLUS NET CP 443-1 Advanced	Version: All versions < V3.3
Siemens	SIPLUS S7-300 CPU 314C-2 PN/DP	Version: All versions < V3.3.16
Siemens	SIPLUS S7-300 CPU 315-2 PN/DP	Version: All versions < V3.2.16
Siemens	SIPLUS S7-300 CPU 315F-2 PN/DP	Version: All versions < V3.2.16
Siemens	SIPLUS S7-300 CPU 317-2 PN/DP	Version: All versions < V3.2.16
Siemens	SIPLUS S7-300 CPU 317F-2 PN/DP	Version: All versions < V3.2.16
Siemens	SITOP Manager	Version: All versions < V1.1
Siemens	SITOP PSU8600	Version: All versions < V1.5
Siemens	SITOP UPS1600 (incl. SIPLUS variants)	Version: All versions < V2.3
Siemens	TIM 1531 IRC (incl. SIPLUS NET variants)	Version: All versions < V2.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:23:22.207Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1604",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1616",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 OPC UA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM154-8 PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM154-8F PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM154-8FX PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200S IM151-8 PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200S IM151-8F PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Upd4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Upd4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Upd4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC IPC DiagMonitor",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.1.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF182C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF185C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF186C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF188C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF600R family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RFID 181EIP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.6.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-1500 Software Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 314C-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 315-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 315F-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 315T-3 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 317-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 317F-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 317T-3 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 317TF-3 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 319-3 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 319F-3 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-PLCSIM Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0 SP1 UPD1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Teleservice Adapter IE Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Teleservice Adapter IE Basic",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Teleservice Adapter IE Standard",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinAC RTX 2010",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2010 SP3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinAC RTX F 2010",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2010 SP3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC Runtime Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Upd4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOCODE pro V Ethernet/IP (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.1.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOCODE pro V PROFINET (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G130 V4.6 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G130 V4.7 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G130 V4.7 SP1 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G130 V4.8 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G130 V5.1 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G130 V5.1 SP1 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.1 SP1 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G150 V4.6 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G150 V4.7 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G150 V4.7 SP1 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G150 V4.8 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G150 V5.1 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G150 V5.1 SP1 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.1 SP1 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS GH150 V4.7 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS GH150 V4.8 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 SP2 HF9"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS GL150 V4.7 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS GL150 V4.8 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 SP2 HF9"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS GM150 V4.7 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS GM150 V4.8 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 SP2 HF9"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V4.6 Control Unit (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V4.7 SP1 Control Unit (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V4.8 Control Unit (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V5.1 Control Unit (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V5.1 SP1 Control Unit (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.1 SP1 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S150 V4.6 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S150 V4.7 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S150 V4.7 SP1 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S150 V4.8 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S150 V5.1 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S150 V5.1 SP1 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.1 SP1 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S210",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.1 SP1 HF8"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS SL150 V4.7 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 HF33"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS SL150 V4.8 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS SM120 V4.7 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS SM120 V4.8 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 SP2 HF10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS SM150 V4.8 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200S IM151-8 PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200S IM151-8F PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 343-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-300 CPU 314C-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-300 CPU 315-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-300 CPU 315F-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-300 CPU 317-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-300 CPU 317F-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SITOP Manager",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SITOP PSU8600",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SITOP UPS1600 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "TIM 1531 IRC (incl. SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The webserver of the affected devices contains a vulnerability that may lead to\r\na denial of service condition. An attacker may cause a denial of service\r\nsituation which leads to a restart of the webserver of the affected device.\r\n\r\nThe security vulnerability could be exploited by an attacker with network\r\naccess to the affected systems. Successful exploitation requires no system\r\nprivileges and no user interaction. An attacker could use the vulnerability\r\nto compromise availability of the device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-09T11:51:03.049Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-6568",
    "datePublished": "2019-04-17T13:40:24",
    "dateReserved": "2019-01-22T00:00:00",
    "dateUpdated": "2024-08-04T20:23:22.207Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-13814

Vulnerability from cvelistv5

Published

2018-12-13 16:00

Modified

2024-08-05 09:14

Severity ?

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V14), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V14), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V14), SIMATIC WinCC Runtime Advanced (All versions < V14), SIMATIC WinCC Runtime Professional (All versions < V14), SIMATIC WinCC (TIA Portal) (All versions < V14), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server (port 80/tcp and port 443/tcp) of the affected devices could allow an attacker to inject HTTP headers. An attacker must trick a valid user who is authenticated to the device into clicking on a malicious link to exploit the vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/105931	vdb-entry, x_refsource_BID
	https://cert-portal.siemens.com/productcert/pdf/ssa-944083.pdf	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

Siemens AG

SIMATIC HMI Comfort Panels 4" - 22", SIMATIC HMI Comfort Outdoor Panels 7" & 15", SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F, SIMATIC WinCC Runtime Advanced, SIMATIC WinCC Runtime Professional, SIMATIC WinCC (TIA Portal), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)

Version: SIMATIC HMI Comfort Panels 4" - 22" : All versions < V14
Version: SIMATIC HMI Comfort Outdoor Panels 7" & 15" : All versions < V14
Version: SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F : All versions < V14
Version: SIMATIC WinCC Runtime Advanced : All versions < V14
Version: SIMATIC WinCC Runtime Professional : All versions < V14
Version: SIMATIC WinCC (TIA Portal) : All versions < V14
Version: SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) : All versions

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:14:47.244Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "105931",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105931"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944083.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Panels 4\" - 22\", SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\", SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F, SIMATIC WinCC Runtime Advanced, SIMATIC WinCC Runtime Professional, SIMATIC WinCC (TIA Portal), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "SIMATIC HMI Comfort Panels 4\" - 22\" : All versions \u003c V14"
            },
            {
              "status": "affected",
              "version": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" : All versions \u003c V14"
            },
            {
              "status": "affected",
              "version": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F : All versions \u003c V14"
            },
            {
              "status": "affected",
              "version": "SIMATIC WinCC Runtime Advanced : All versions \u003c V14"
            },
            {
              "status": "affected",
              "version": "SIMATIC WinCC Runtime Professional : All versions \u003c V14"
            },
            {
              "status": "affected",
              "version": "SIMATIC WinCC (TIA Portal) : All versions \u003c V14"
            },
            {
              "status": "affected",
              "version": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) : All versions"
            }
          ]
        }
      ],
      "datePublic": "2018-12-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V14), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V14), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V14), SIMATIC WinCC Runtime Advanced (All versions \u003c V14), SIMATIC WinCC Runtime Professional (All versions \u003c V14), SIMATIC WinCC (TIA Portal) (All versions \u003c V14), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server (port 80/tcp and port 443/tcp) of the affected devices could allow an attacker to inject HTTP headers. An attacker must trick a valid user who is authenticated to the device into clicking on a malicious link to exploit the vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-113",
              "description": "CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Response Splitting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-12-14T10:57:02",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "name": "105931",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105931"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944083.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2018-13814",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Panels 4\" - 22\", SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\", SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F, SIMATIC WinCC Runtime Advanced, SIMATIC WinCC Runtime Professional, SIMATIC WinCC (TIA Portal), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "SIMATIC HMI Comfort Panels 4\" - 22\" : All versions \u003c V14"
                          },
                          {
                            "version_value": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" : All versions \u003c V14"
                          },
                          {
                            "version_value": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F : All versions \u003c V14"
                          },
                          {
                            "version_value": "SIMATIC WinCC Runtime Advanced : All versions \u003c V14"
                          },
                          {
                            "version_value": "SIMATIC WinCC Runtime Professional : All versions \u003c V14"
                          },
                          {
                            "version_value": "SIMATIC WinCC (TIA Portal) : All versions \u003c V14"
                          },
                          {
                            "version_value": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) : All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V14), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V14), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V14), SIMATIC WinCC Runtime Advanced (All versions \u003c V14), SIMATIC WinCC Runtime Professional (All versions \u003c V14), SIMATIC WinCC (TIA Portal) (All versions \u003c V14), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The integrated web server (port 80/tcp and port 443/tcp) of the affected devices could allow an attacker to inject HTTP headers. An attacker must trick a valid user who is authenticated to the device into clicking on a malicious link to exploit the vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Response Splitting\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "105931",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105931"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-944083.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944083.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2018-13814",
    "datePublished": "2018-12-13T16:00:00",
    "dateReserved": "2018-07-10T00:00:00",
    "dateUpdated": "2024-08-05T09:14:47.244Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-27383

Vulnerability from cvelistv5

Published

2021-05-12 13:18

Modified

2024-08-03 20:48

Severity ?

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	x_refsource_MISC
	https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf	x_refsource_MISC
	https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

Siemens

SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants)

Version: All versions < V15.1 Update 6

Siemens	SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants)	Version: All versions < V16 Update 4
Siemens	SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants)	Version: All versions < V15.1 Update 6
Siemens	SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants)	Version: All versions < V16 Update 4
Siemens	SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F	Version: All versions < V15.1 Update 6
Siemens	SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F	Version: All versions < V16 Update 4
Siemens	SIMATIC WinCC Runtime Advanced V15	Version: All versions < V15.1 Update 6
Siemens	SIMATIC WinCC Runtime Advanced V16	Version: All versions < V16 Update 4
Siemens	SINAMICS GH150	Version: All versions
Siemens	SINAMICS GL150 (with option X30)	Version: All versions
Siemens	SINAMICS GM150 (with option X30)	Version: All versions
Siemens	SINAMICS SH150	Version: All versions
Siemens	SINAMICS SL150	Version: All versions
Siemens	SINAMICS SM120	Version: All versions
Siemens	SINAMICS SM150	Version: All versions
Siemens	SINAMICS SM150i	Version: All versions

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.589Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:15",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27383",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the server Tight encoder, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-770: Allocation of Resources Without Limits or Throttling"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27383",
    "datePublished": "2021-05-12T13:18:22",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.589Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-6576

Vulnerability from cvelistv5

Published

2019-05-14 19:54

Modified

2024-08-04 20:23

Severity ?

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). An attacker with network access to affected devices could potentially obtain a TLS session key. If the attacker is able to observe TLS traffic between a legitimate user and the device, then the attacker could decrypt the TLS traffic. The security vulnerability could be exploited by an attacker who has network access to the web interface of the device and who is able to observe TLS traffic between legitimate users and the web interface of the affected device. The vulnerability could impact the confidentiality of the communication between the affected device and a legitimate user. At the time of advisory publication no public exploitation of the security vulnerability was known.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf	x_refsource_MISC
	http://www.securityfocus.com/bid/108412	vdb-entry, x_refsource_BID
	https://www.us-cert.gov/ics/advisories/ICSA-19-134-09	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

Siemens AG

SIMATIC HMI Comfort Panels 4" - 22"

Version: All versions < V15.1 Update 1

Siemens AG	SIMATIC HMI Comfort Outdoor Panels 7" & 15"	Version: All versions < V15.1 Update 1
Siemens AG	SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F	Version: All versions < V15.1 Update 1
Siemens AG	SIMATIC WinCC Runtime Advanced	Version: All versions < V15.1 Update 1
Siemens AG	SIMATIC WinCC Runtime Professional	Version: All versions < V15.1 Update 1
Siemens AG	SIMATIC WinCC (TIA Portal)	Version: All versions < V15.1 Update 1
Siemens AG	SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)	Version: All versions

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:23:22.141Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
          },
          {
            "name": "108412",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108412"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Panels 4\" - 22\"",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\"",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Professional",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC (TIA Portal)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). An attacker with network access to affected devices could potentially obtain a TLS session key. If the attacker is able to observe TLS traffic between a legitimate user and the device, then the attacker could decrypt the TLS traffic. The security vulnerability could be exploited by an attacker who has network access to the web interface of the device and who is able to observe TLS traffic between legitimate users and the web interface of the affected device. The vulnerability could impact the confidentiality of the communication between the affected device and a legitimate user. At the time of advisory publication no public exploitation of the security vulnerability was known."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-310",
              "description": "CWE-310: Cryptographic Issues",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-24T15:26:04",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
        },
        {
          "name": "108412",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108412"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2019-6576",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Panels 4\" - 22\"",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\"",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Professional",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC (TIA Portal)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). An attacker with network access to affected devices could potentially obtain a TLS session key. If the attacker is able to observe TLS traffic between a legitimate user and the device, then the attacker could decrypt the TLS traffic. The security vulnerability could be exploited by an attacker who has network access to the web interface of the device and who is able to observe TLS traffic between legitimate users and the web interface of the affected device. The vulnerability could impact the confidentiality of the communication between the affected device and a legitimate user. At the time of advisory publication no public exploitation of the security vulnerability was known."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-310: Cryptographic Issues"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
            },
            {
              "name": "108412",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108412"
            },
            {
              "name": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-6576",
    "datePublished": "2019-05-14T19:54:48",
    "dateReserved": "2019-01-22T00:00:00",
    "dateUpdated": "2024-08-04T20:23:22.141Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-6575

Vulnerability from cvelistv5

Published

2019-04-17 13:40

Modified

2024-08-04 20:23

Severity ?

Summary

A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V2.7), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions < V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions < V1.1.0), SIMATIC RF600R family (All versions < V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.5 < V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions < V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Upd 4), SINEC NMS (All versions < V1.0 SP1), SINEMA Server (All versions < V14 SP2), SINUMERIK OPC UA Server (All versions < V2.1), TeleControl Server Basic (All versions < V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

Siemens

SIMATIC CP 443-1 OPC UA

Version: All versions

Siemens	SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)	Version: All versions < V2.7
Siemens	SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants)	Version: All versions < V15.1 Upd 4
Siemens	SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants)	Version: All versions < V15.1 Upd 4
Siemens	SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F	Version: All versions < V15.1 Upd 4
Siemens	SIMATIC IPC DiagMonitor	Version: All versions < V5.1.3
Siemens	SIMATIC NET PC Software V13	Version: All versions
Siemens	SIMATIC NET PC Software V14	Version: All versions < V14 SP1 Update 14
Siemens	SIMATIC NET PC Software V15	Version: All versions
Siemens	SIMATIC RF188C	Version: All versions < V1.1.0
Siemens	SIMATIC RF600R family	Version: All versions < V3.2.1
Siemens	SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)	Version: All versions >= V2.5 < V2.6.1
Siemens	SIMATIC S7-1500 Software Controller	Version: All versions between V2.5 (including) and V2.7 (excluding)
Siemens	SIMATIC WinCC OA	Version: All versions < V3.15 P018
Siemens	SIMATIC WinCC Runtime Advanced	Version: All versions < V15.1 Upd 4
Siemens	SINEC NMS	Version: All versions < V1.0 SP1
Siemens	SINEMA Server	Version: All versions < V14 SP2
Siemens	SINUMERIK OPC UA Server	Version: All versions < V2.1
Siemens	TeleControl Server Basic	Version: All versions < V3.1.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:23:22.041Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC CP 443-1 OPC UA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.7"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Upd 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Upd 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Upd 4"
            }
          ]
        },
        {
          "product": "SIMATIC IPC DiagMonitor",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.1.3"
            }
          ]
        },
        {
          "product": "SIMATIC NET PC Software V13",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SIMATIC NET PC Software V14",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V14 SP1 Update 14"
            }
          ]
        },
        {
          "product": "SIMATIC NET PC Software V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SIMATIC RF188C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.1.0"
            }
          ]
        },
        {
          "product": "SIMATIC RF600R family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.1"
            }
          ]
        },
        {
          "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.5 \u003c V2.6.1"
            }
          ]
        },
        {
          "product": "SIMATIC S7-1500 Software Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions between V2.5 (including) and V2.7 (excluding)"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC OA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.15 P018"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Upd 4"
            }
          ]
        },
        {
          "product": "SINEC NMS",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.0 SP1"
            }
          ]
        },
        {
          "product": "SINEMA Server",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V14 SP2"
            }
          ]
        },
        {
          "product": "SINUMERIK OPC UA Server",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1"
            }
          ]
        },
        {
          "product": "TeleControl Server Basic",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.1.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V2.7), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions \u003c V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions \u003c V1.1.0), SIMATIC RF600R family (All versions \u003c V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.5 \u003c V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions \u003c V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Upd 4), SINEC NMS (All versions \u003c V1.0 SP1), SINEMA Server (All versions \u003c V14 SP2), SINUMERIK OPC UA Server (All versions \u003c V2.1), TeleControl Server Basic (All versions \u003c V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-248",
              "description": "CWE-248: Uncaught Exception",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-10T11:16:36",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2019-6575",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC CP 443-1 OPC UA",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V2.7"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Upd 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Upd 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Upd 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC IPC DiagMonitor",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V5.1.3"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC NET PC Software V13",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC NET PC Software V14",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V14 SP1 Update 14"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC NET PC Software V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC RF188C",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V1.1.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC RF600R family",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V3.2.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e= V2.5 \u003c V2.6.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC S7-1500 Software Controller",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions between V2.5 (including) and V2.7 (excluding)"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC OA",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V3.15 P018"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Upd 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINEC NMS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V1.0 SP1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINEMA Server",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V14 SP2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINUMERIK OPC UA Server",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V2.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "TeleControl Server Basic",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V3.1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V2.7), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions \u003c V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions \u003c V1.1.0), SIMATIC RF600R family (All versions \u003c V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.5 \u003c V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions \u003c V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Upd 4), SINEC NMS (All versions \u003c V1.0 SP1), SINEMA Server (All versions \u003c V14 SP2), SINUMERIK OPC UA Server (All versions \u003c V2.1), TeleControl Server Basic (All versions \u003c V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-248: Uncaught Exception"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-6575",
    "datePublished": "2019-04-17T13:40:24",
    "dateReserved": "2019-01-22T00:00:00",
    "dateUpdated": "2024-08-04T20:23:22.041Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-13813

Vulnerability from cvelistv5

Published

2018-12-13 16:00

Modified

2024-08-05 09:14

Severity ?

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V15 Update 4), SIMATIC WinCC Runtime Professional (All versions < V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions < V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The webserver of affected HMI devices may allow URL redirections to untrusted websites. An attacker must trick a valid user who is authenticated to the device into clicking on a malicious link to exploit the vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/105922	vdb-entry, x_refsource_BID
	https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

Siemens AG

SIMATIC HMI Comfort Panels 4" - 22", SIMATIC HMI Comfort Outdoor Panels 7" & 15", SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F, SIMATIC WinCC Runtime Advanced, SIMATIC WinCC Runtime Professional, SIMATIC WinCC (TIA Portal), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)

Version: SIMATIC HMI Comfort Panels 4" - 22" : All versions < V15 Update 4
Version: SIMATIC HMI Comfort Outdoor Panels 7" & 15" : All versions < V15 Update 4
Version: SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F : All versions < V15 Update 4
Version: SIMATIC WinCC Runtime Advanced : All versions < V15 Update 4
Version: SIMATIC WinCC Runtime Professional : All versions < V15 Update 4
Version: SIMATIC WinCC (TIA Portal) : All versions < V15 Update 4
Version: SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) : All versions

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:14:47.263Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "105922",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105922"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Panels 4\" - 22\", SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\", SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F, SIMATIC WinCC Runtime Advanced, SIMATIC WinCC Runtime Professional, SIMATIC WinCC (TIA Portal), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "SIMATIC HMI Comfort Panels 4\" - 22\" : All versions \u003c V15 Update 4"
            },
            {
              "status": "affected",
              "version": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" : All versions \u003c V15 Update 4"
            },
            {
              "status": "affected",
              "version": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F : All versions \u003c V15 Update 4"
            },
            {
              "status": "affected",
              "version": "SIMATIC WinCC Runtime Advanced : All versions \u003c V15 Update 4"
            },
            {
              "status": "affected",
              "version": "SIMATIC WinCC Runtime Professional : All versions \u003c V15 Update 4"
            },
            {
              "status": "affected",
              "version": "SIMATIC WinCC (TIA Portal) : All versions \u003c V15 Update 4"
            },
            {
              "status": "affected",
              "version": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) : All versions"
            }
          ]
        }
      ],
      "datePublic": "2018-12-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions \u003c V15 Update 4), SIMATIC WinCC Runtime Professional (All versions \u003c V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions \u003c V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The webserver of affected HMI devices may allow URL redirections to untrusted websites. An attacker must trick a valid user who is authenticated to the device into clicking on a malicious link to exploit the vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-601",
              "description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-12-14T10:57:02",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "name": "105922",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105922"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2018-13813",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Panels 4\" - 22\", SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\", SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F, SIMATIC WinCC Runtime Advanced, SIMATIC WinCC Runtime Professional, SIMATIC WinCC (TIA Portal), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "SIMATIC HMI Comfort Panels 4\" - 22\" : All versions \u003c V15 Update 4"
                          },
                          {
                            "version_value": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" : All versions \u003c V15 Update 4"
                          },
                          {
                            "version_value": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F : All versions \u003c V15 Update 4"
                          },
                          {
                            "version_value": "SIMATIC WinCC Runtime Advanced : All versions \u003c V15 Update 4"
                          },
                          {
                            "version_value": "SIMATIC WinCC Runtime Professional : All versions \u003c V15 Update 4"
                          },
                          {
                            "version_value": "SIMATIC WinCC (TIA Portal) : All versions \u003c V15 Update 4"
                          },
                          {
                            "version_value": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) : All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions \u003c V15 Update 4), SIMATIC WinCC Runtime Professional (All versions \u003c V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions \u003c V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The webserver of affected HMI devices may allow URL redirections to untrusted websites. An attacker must trick a valid user who is authenticated to the device into clicking on a malicious link to exploit the vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "105922",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105922"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-233109.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2018-13813",
    "datePublished": "2018-12-13T16:00:00",
    "dateReserved": "2018-07-10T00:00:00",
    "dateUpdated": "2024-08-05T09:14:47.263Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-6572

Vulnerability from cvelistv5

Published

2019-05-14 19:54

Modified

2024-08-04 20:23

Severity ?

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions < V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions < V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The affected device offered SNMP read and write capacities with a publicly know hardcoded community string. The security vulnerability could be exploited by an attacker with network access to the affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf	x_refsource_MISC
	http://www.securityfocus.com/bid/108412	vdb-entry, x_refsource_BID
	https://www.us-cert.gov/ics/advisories/ICSA-19-134-09	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

Siemens AG

SIMATIC HMI Comfort Panels 4" - 22"

Version: All versions < V15.1 Update 1

Siemens AG	SIMATIC HMI Comfort Outdoor Panels 7" & 15"	Version: All versions < V15.1 Update 1
Siemens AG	SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F	Version: All versions < V15.1 Update 1
Siemens AG	SIMATIC WinCC Runtime Advanced	Version: All versions < V15.1 Update 1
Siemens AG	SIMATIC WinCC Runtime Professional	Version: All versions < V15.1 Update 1
Siemens AG	SIMATIC WinCC (TIA Portal)	Version: All versions < V15.1 Update 1
Siemens AG	SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)	Version: All versions

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:23:22.238Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
          },
          {
            "name": "108412",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108412"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Panels 4\" - 22\"",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\"",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Professional",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC (TIA Portal)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 1"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
          "vendor": "Siemens AG",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The affected device offered SNMP read and write capacities with a publicly know hardcoded community string. The security vulnerability could be exploited by an attacker with network access to the affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200: Information Exposure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-24T15:25:12",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
        },
        {
          "name": "108412",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108412"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2019-6572",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Panels 4\" - 22\"",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\"",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Professional",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC (TIA Portal)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens AG"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Panels 4\" - 22\" (All versions \u003c V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (All versions \u003c V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 und KTP900F (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Update 1), SIMATIC WinCC Runtime Professional (All versions \u003c V15.1 Update 1), SIMATIC WinCC (TIA Portal) (All versions \u003c V15.1 Update 1), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions). The affected device offered SNMP read and write capacities with a publicly know hardcoded community string. The security vulnerability could be exploited by an attacker with network access to the affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentiality and integrity of the affected system. At the time of advisory publication no public exploitation of this security vulnerability was known."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-200: Information Exposure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
            },
            {
              "name": "108412",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108412"
            },
            {
              "name": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09",
              "refsource": "MISC",
              "url": "https://www.us-cert.gov/ics/advisories/ICSA-19-134-09"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-6572",
    "datePublished": "2019-05-14T19:54:48",
    "dateReserved": "2019-01-22T00:00:00",
    "dateUpdated": "2024-08-04T20:23:22.238Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-27386

Vulnerability from cvelistv5

Published

2021-05-12 13:18

Modified

2024-08-03 20:48

Severity ?

Summary

A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions < V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions < V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition.

References

▼	URL	Tags
	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	x_refsource_MISC
	https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf	x_refsource_MISC
	https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12	x_refsource_MISC
	https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

Siemens

SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants)

Version: All versions < V15.1 Update 6

Siemens	SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants)	Version: All versions < V16 Update 4
Siemens	SIMATIC HMI Comfort Panels V15 4\" - 22\" (incl. SIPLUS variants)	Version: All versions < V15.1 Update 6
Siemens	SIMATIC HMI Comfort Panels V16 4\" - 22\" (incl. SIPLUS variants)	Version: All versions < V16 Update 4
Siemens	SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F	Version: All versions < V15.1 Update 6
Siemens	SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F	Version: All versions < V16 Update 4
Siemens	SIMATIC WinCC Runtime Advanced V15	Version: All versions < V15.1 Update 6
Siemens	SIMATIC WinCC Runtime Advanced V16	Version: All versions < V16 Update 4
Siemens	SINAMICS GH150	Version: All versions
Siemens	SINAMICS GL150 (with option X30)	Version: All versions
Siemens	SINAMICS GM150 (with option X30)	Version: All versions
Siemens	SINAMICS SH150	Version: All versions
Siemens	SINAMICS SL150	Version: All versions
Siemens	SINAMICS SM120	Version: All versions
Siemens	SINAMICS SM150	Version: All versions
Siemens	SINAMICS SM150i	Version: All versions

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:48:16.446Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V15",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Update 6"
            }
          ]
        },
        {
          "product": "SIMATIC WinCC Runtime Advanced V16",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V16 Update 4"
            }
          ]
        },
        {
          "product": "SINAMICS GH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GL150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS GM150 (with option X30)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SH150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SL150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM120",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "product": "SINAMICS SM150i",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-401",
              "description": "CWE-401: Missing Release of Memory after Effective Lifetime",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-12T09:49:18",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-27386",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants)\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F\n",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V15",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V15.1 Update 6"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC WinCC Runtime Advanced V16",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V16 Update 4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GL150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS GM150 (with option X30)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SH150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SL150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM120",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SINAMICS SM150i",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\\\" \u0026 15\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI Comfort Panels V15 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V15.1 Update 6), SIMATIC HMI Comfort Panels V16 4\\\" - 22\\\" (incl. SIPLUS variants) (All versions \u003c V16 Update 4), SIMATIC HMI KTP Mobile Panels V15 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Update 6), SIMATIC HMI KTP Mobile Panels V16 KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V16 Update 4), SIMATIC WinCC Runtime Advanced V15 (All versions \u003c V15.1 Update 6), SIMATIC WinCC Runtime Advanced V16 (All versions \u003c V16 Update 4), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). SmartVNC has a heap allocation leak vulnerability in the device layout handler on client side, which could result in a Denial-of-Service condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-401: Missing Release of Memory after Effective Lifetime"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            },
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-12"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538778.pdf"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-27386",
    "datePublished": "2021-05-12T13:18:23",
    "dateReserved": "2021-02-18T00:00:00",
    "dateUpdated": "2024-08-03T20:48:16.446Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

All the vulnerabilites related to siemens - simatic_hmi_ktp_mobile_panels_ktp400f_firmware

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5