All the vulnerabilites related to siemens - simatic_net_pc
cve-2021-45117
Vulnerability from cvelistv5
Published
2022-03-21 14:05
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.youtube.com/watch?v=qv-RBdCaV4k | x_refsource_MISC | |
| https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:39:20.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.youtube.com/watch?v=qv-RBdCaV4k"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-10T11:06:11",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.youtube.com/watch?v=qv-RBdCaV4k"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-45117",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.youtube.com/watch?v=qv-RBdCaV4k",
"refsource": "MISC",
"url": "https://www.youtube.com/watch?v=qv-RBdCaV4k"
},
{
"name": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf",
"refsource": "MISC",
"url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-45117",
"datePublished": "2022-03-21T14:05:45",
"dateReserved": "2021-12-16T00:00:00",
"dateUpdated": "2024-08-04T04:39:20.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-7580
Vulnerability from cvelistv5
Published
2020-06-10 00:00
Modified
2024-08-04 09:33
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC Automation Tool |
Version: All versions < V4 SP2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:19.492Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SIMATIC Automation Tool",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4 SP2"
}
]
},
{
"product": "SIMATIC NET PC Software V14",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14 SP1 Update 14"
}
]
},
{
"product": "SIMATIC NET PC Software V15",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC NET PC Software V16",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V16 Upd3"
}
]
},
{
"product": "SIMATIC PCS neo",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0 SP1"
}
]
},
{
"product": "SIMATIC ProSave",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V17"
}
]
},
{
"product": "SIMATIC S7-1500 Software Controller",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V21.8"
}
]
},
{
"product": "SIMATIC STEP 7 (TIA Portal) V13",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13 SP2 Update 4"
}
]
},
{
"product": "SIMATIC STEP 7 (TIA Portal) V14",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14 SP1 Update 10"
}
]
},
{
"product": "SIMATIC STEP 7 (TIA Portal) V15",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Update 5"
}
]
},
{
"product": "SIMATIC STEP 7 (TIA Portal) V16",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V16 Update 2"
}
]
},
{
"product": "SIMATIC STEP 7 V5",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.6 SP2 HF3"
}
]
},
{
"product": "SIMATIC WinCC OA V3.16",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.16 P018"
}
]
},
{
"product": "SIMATIC WinCC OA V3.17",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.17 P003"
}
]
},
{
"product": "SIMATIC WinCC Runtime Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V16 Update 2"
}
]
},
{
"product": "SIMATIC WinCC Runtime Professional V13",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13 SP2 Update 4"
}
]
},
{
"product": "SIMATIC WinCC Runtime Professional V14",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14 SP1 Update 10"
}
]
},
{
"product": "SIMATIC WinCC Runtime Professional V15",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Update 5"
}
]
},
{
"product": "SIMATIC WinCC Runtime Professional V16",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V16 Update 2"
}
]
},
{
"product": "SIMATIC WinCC V7.4",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.4 SP1 Update 14"
}
]
},
{
"product": "SIMATIC WinCC V7.5",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.5 SP1 Update 3"
}
]
},
{
"product": "SINAMICS STARTER",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All Versions \u003c V5.4 HF2"
}
]
},
{
"product": "SINAMICS Startdrive",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All Versions \u003c V16 Update 3"
}
]
},
{
"product": "SINEC NMS",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.0 SP2"
}
]
},
{
"product": "SINEMA Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14 SP3"
}
]
},
{
"product": "SINUMERIK ONE virtual",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All Versions \u003c V6.14"
}
]
},
{
"product": "SINUMERIK Operate",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All Versions \u003c V6.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC Automation Tool (All versions \u003c V4 SP2), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Upd3), SIMATIC PCS neo (All versions \u003c V3.0 SP1), SIMATIC ProSave (All versions \u003c V17), SIMATIC S7-1500 Software Controller (All versions \u003c V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions \u003c V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions \u003c V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions \u003c V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMATIC STEP 7 V5 (All versions \u003c V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions \u003c V3.16 P018), SIMATIC WinCC OA V3.17 (All versions \u003c V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions \u003c V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions \u003c V16 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP1 Update 3), SINAMICS STARTER (All Versions \u003c V5.4 HF2), SINAMICS Startdrive (All Versions \u003c V16 Update 3), SINEC NMS (All versions \u003c V1.0 SP2), SINEMA Server (All versions \u003c V14 SP3), SINUMERIK ONE virtual (All Versions \u003c V6.14), SINUMERIK Operate (All Versions \u003c V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428: Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-13T00:00:00",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf"
},
{
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2020-7580",
"datePublished": "2020-06-10T00:00:00",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-08-04T09:33:19.492Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-10929
Vulnerability from cvelistv5
Published
2019-08-13 18:55
Modified
2024-08-04 22:40
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.8.1), SIMATIC S7-1500 Software Controller (All versions < V20.8), SIMATIC S7-PLCSIM Advanced (All versions < V3.0), SIMATIC STEP 7 (TIA Portal) (All versions < V16), SIMATIC WinCC (TIA Portal) (All versions < V16), SIMATIC WinCC OA (All versions < V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions < V16), SIMATIC WinCC Runtime Professional (All versions < V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions < V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf | x_refsource_MISC | |
| https://www.us-cert.gov/ics/advisories/icsa-19-344-04 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:40:15.230Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-344-04"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SIMATIC CP 1626",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V20.8"
}
]
},
{
"product": "SIMATIC HMI Panel (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC NET PC Software V14",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14 SP1 Update 14"
}
]
},
{
"product": "SIMATIC NET PC Software V15",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.4.0"
}
]
},
{
"product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.8.1"
}
]
},
{
"product": "SIMATIC S7-1500 Software Controller",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V20.8"
}
]
},
{
"product": "SIMATIC S7-PLCSIM Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0"
}
]
},
{
"product": "SIMATIC STEP 7 (TIA Portal)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V16"
}
]
},
{
"product": "SIMATIC WinCC (TIA Portal)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V16"
}
]
},
{
"product": "SIMATIC WinCC OA",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.16 P013"
}
]
},
{
"product": "SIMATIC WinCC Runtime Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V16"
}
]
},
{
"product": "SIMATIC WinCC Runtime Professional",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V16"
}
]
},
{
"product": "TIM 1531 IRC (incl. SIPLUS NET variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.8.1), SIMATIC S7-1500 Software Controller (All versions \u003c V20.8), SIMATIC S7-PLCSIM Advanced (All versions \u003c V3.0), SIMATIC STEP 7 (TIA Portal) (All versions \u003c V16), SIMATIC WinCC (TIA Portal) (All versions \u003c V16), SIMATIC WinCC OA (All versions \u003c V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions \u003c V16), SIMATIC WinCC Runtime Professional (All versions \u003c V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions \u003c V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-10T11:16:07",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-344-04"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2019-10929",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SIMATIC CP 1626",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V20.8"
}
]
}
},
{
"product_name": "SIMATIC HMI Panel (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC NET PC Software V14",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V14 SP1 Update 14"
}
]
}
},
{
"product_name": "SIMATIC NET PC Software V15",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC S7-1200 CPU family (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V4.4.0"
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.8.1"
}
]
}
},
{
"product_name": "SIMATIC S7-1500 Software Controller",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V20.8"
}
]
}
},
{
"product_name": "SIMATIC S7-PLCSIM Advanced",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.0"
}
]
}
},
{
"product_name": "SIMATIC STEP 7 (TIA Portal)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V16"
}
]
}
},
{
"product_name": "SIMATIC WinCC (TIA Portal)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V16"
}
]
}
},
{
"product_name": "SIMATIC WinCC OA",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.16 P013"
}
]
}
},
{
"product_name": "SIMATIC WinCC Runtime Advanced",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V16"
}
]
}
},
{
"product_name": "SIMATIC WinCC Runtime Professional",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V16"
}
]
}
},
{
"product_name": "TIM 1531 IRC (incl. SIPLUS NET variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.1"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.8.1), SIMATIC S7-1500 Software Controller (All versions \u003c V20.8), SIMATIC S7-PLCSIM Advanced (All versions \u003c V3.0), SIMATIC STEP 7 (TIA Portal) (All versions \u003c V16), SIMATIC WinCC (TIA Portal) (All versions \u003c V16), SIMATIC WinCC OA (All versions \u003c V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions \u003c V16), SIMATIC WinCC Runtime Professional (All versions \u003c V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions \u003c V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-344-04",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-344-04"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-10929",
"datePublished": "2019-08-13T18:55:57",
"dateReserved": "2019-04-08T00:00:00",
"dateUpdated": "2024-08-04T22:40:15.230Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40142
Vulnerability from cvelistv5
Published
2021-08-27 06:51
Modified
2024-08-04 02:27
Severity ?
EPSS score ?
Summary
In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer.
References
| ▼ | URL | Tags |
|---|---|---|
| https://opcfoundation.org/security-bulletins/ | x_refsource_MISC | |
| https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.711Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://opcfoundation.org/security-bulletins/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-10T11:06:13",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://opcfoundation.org/security-bulletins/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-40142",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://opcfoundation.org/security-bulletins/",
"refsource": "MISC",
"url": "https://opcfoundation.org/security-bulletins/"
},
{
"name": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf",
"refsource": "MISC",
"url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-40142",
"datePublished": "2021-08-27T06:51:28",
"dateReserved": "2021-08-25T00:00:00",
"dateUpdated": "2024-08-04T02:27:31.711Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40359
Vulnerability from cvelistv5
Published
2021-11-09 11:32
Modified
2024-08-04 02:44
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd4), OpenPCS 7 V9.1 (All versions), SIMATIC BATCH V8.2 (All versions), SIMATIC BATCH V9.0 (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Update 6), SIMATIC NET PC Software V17 (All versions < V17 SP1), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions), SIMATIC Route Control V9.1 (All versions), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). When downloading files, the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read unexpected critical files.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | OpenPCS 7 V8.2 |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:44:09.625Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "OpenPCS 7 V8.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "OpenPCS 7 V9.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V9.0 Upd4"
}
]
},
{
"defaultStatus": "unknown",
"product": "OpenPCS 7 V9.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC BATCH V8.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC BATCH V9.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC BATCH V9.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC NET PC Software V14",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC NET PC Software V15",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC NET PC Software V16",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V16 Update 6"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC NET PC Software V17",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V17 SP1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 V8.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 V9.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V9.0 SP3 UC04"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 V9.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V9.1 SP1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Route Control V8.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Route Control V9.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Route Control V9.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC V15 and earlier",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15 SP1 Update 7"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC V16",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V16 Update 5"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC V17",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V17 Update 2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC V7.4",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.4 SP1 Update 19"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC V7.5",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.5 SP2 Update 5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions \u003c V9.0 Upd4), OpenPCS 7 V9.1 (All versions), SIMATIC BATCH V8.2 (All versions), SIMATIC BATCH V9.0 (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Update 6), SIMATIC NET PC Software V17 (All versions \u003c V17 SP1), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP1), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions), SIMATIC Route Control V9.1 (All versions), SIMATIC WinCC V15 and earlier (All versions \u003c V15 SP1 Update 7), SIMATIC WinCC V16 (All versions \u003c V16 Update 5), SIMATIC WinCC V17 (All versions \u003c V17 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 5). When downloading files, the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read unexpected critical files."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T09:01:59.282Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2021-40359",
"datePublished": "2021-11-09T11:32:05",
"dateReserved": "2021-09-01T00:00:00",
"dateUpdated": "2024-08-04T02:44:09.625Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-19282
Vulnerability from cvelistv5
Published
2020-03-10 19:16
Modified
2024-08-05 02:09
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd3), SIMATIC BATCH V8.1 (All versions), SIMATIC BATCH V8.2 (All versions < V8.2 Upd12), SIMATIC BATCH V9.0 (All versions < V9.0 SP1 Upd5), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Update 1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15.1 (All versions < V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (All versions < V16 Update 1), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 1). Through specially crafted messages, when encrypted communication is enabled, an attacker with network access could use the vulnerability to compromise the availability of the system by causing a Denial-of-Service condition.
Successful exploitation requires no system privileges and no user interaction.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | OpenPCS 7 V8.1 |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.657Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "OpenPCS 7 V8.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "OpenPCS 7 V8.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "OpenPCS 7 V9.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V9.0 Upd3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC BATCH V8.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC BATCH V8.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V8.2 Upd12"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC BATCH V9.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V9.0 SP1 Upd5"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC NET PC Software V14",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14 SP1 Update 14"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC NET PC Software V15",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC NET PC Software V16",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V16 Update 1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 V8.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 V8.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 V9.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V9.0 SP3"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Route Control V8.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Route Control V8.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC Route Control V9.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V9.0 Upd4"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC (TIA Portal) V13",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13 SP2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC (TIA Portal) V14",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14 SP1 Update 10"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC (TIA Portal) V15.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Update 5"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC (TIA Portal) V16",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V16 Update 1"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC V7.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC V7.4",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.4 SP1 Update 14"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC V7.5",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.5 SP1 Update 1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions \u003c V9.0 Upd3), SIMATIC BATCH V8.1 (All versions), SIMATIC BATCH V8.2 (All versions \u003c V8.2 Upd12), SIMATIC BATCH V9.0 (All versions \u003c V9.0 SP1 Upd5), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Update 1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP3), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions \u003c V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (All versions \u003c V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15.1 (All versions \u003c V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (All versions \u003c V16 Update 1), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP1 Update 1). Through specially crafted messages, when encrypted communication is enabled, an attacker with network access could use the vulnerability to compromise the availability of the system by causing a Denial-of-Service condition.\nSuccessful exploitation requires no system privileges and no user interaction."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-131",
"description": "CWE-131: Incorrect Calculation of Buffer Size",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T09:01:49.748Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-19282",
"datePublished": "2020-03-10T19:16:17",
"dateReserved": "2019-11-26T00:00:00",
"dateUpdated": "2024-08-05T02:09:39.657Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-4832
Vulnerability from cvelistv5
Published
2018-04-24 17:00
Modified
2024-08-05 05:18
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions < V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions < V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions < V8.2 Upd10), SIMATIC BATCH V9.0 (All versions < V9.0 SP1), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions < 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions < WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions < WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf | x_refsource_MISC | |
| http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | OpenPCS 7 V7.1 and earlier |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:18:26.633Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OpenPCS 7 V7.1 and earlier",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "OpenPCS 7 V8.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "OpenPCS 7 V8.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V8.1 Upd5"
}
]
},
{
"product": "OpenPCS 7 V8.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "OpenPCS 7 V9.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V9.0 Upd1"
}
]
},
{
"product": "SIMATIC BATCH V7.1 and earlier",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC BATCH V8.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V8.0 SP1 Upd21"
}
]
},
{
"product": "SIMATIC BATCH V8.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V8.1 SP1 Upd16"
}
]
},
{
"product": "SIMATIC BATCH V8.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V8.2 Upd10"
}
]
},
{
"product": "SIMATIC BATCH V9.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V9.0 SP1"
}
]
},
{
"product": "SIMATIC NET PC Software V14",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14 SP1 Update 14"
}
]
},
{
"product": "SIMATIC NET PC Software V15",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c 15 SP1"
}
]
},
{
"product": "SIMATIC PCS 7 V7.1 and earlier",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC PCS 7 V8.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC PCS 7 V8.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC PCS 7 V8.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V8.2 SP1"
}
]
},
{
"product": "SIMATIC PCS 7 V9.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V9.0 SP1"
}
]
},
{
"product": "SIMATIC Route Control V7.1 and earlier",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC Route Control V8.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC Route Control V8.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC Route Control V8.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC Route Control V9.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V9.0 Upd1"
}
]
},
{
"product": "SIMATIC WinCC Runtime Professional V13",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13 SP2 Upd2"
}
]
},
{
"product": "SIMATIC WinCC Runtime Professional V14",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14 SP1 Upd5"
}
]
},
{
"product": "SIMATIC WinCC V7.2 and earlier",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c WinCC 7.2 Upd 15"
}
]
},
{
"product": "SIMATIC WinCC V7.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c WinCC 7.3 Upd 16"
}
]
},
{
"product": "SIMATIC WinCC V7.4",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.4 SP1 Upd 4"
}
]
},
{
"product": "SPPA-T3000 Application Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c Service Pack R8.2 SP2"
}
]
}
],
"datePublic": "2018-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions \u003c V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions \u003c V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions \u003c V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions \u003c V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions \u003c V8.2 Upd10), SIMATIC BATCH V9.0 (All versions \u003c V9.0 SP1), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions \u003c 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions \u003c V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions \u003c WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions \u003c WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions \u003c Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-12T09:06:48",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-4832",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OpenPCS 7 V7.1 and earlier",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "OpenPCS 7 V8.0",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "OpenPCS 7 V8.1",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V8.1 Upd5"
}
]
}
},
{
"product_name": "OpenPCS 7 V8.2",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "OpenPCS 7 V9.0",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V9.0 Upd1"
}
]
}
},
{
"product_name": "SIMATIC BATCH V7.1 and earlier",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC BATCH V8.0",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V8.0 SP1 Upd21"
}
]
}
},
{
"product_name": "SIMATIC BATCH V8.1",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V8.1 SP1 Upd16"
}
]
}
},
{
"product_name": "SIMATIC BATCH V8.2",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V8.2 Upd10"
}
]
}
},
{
"product_name": "SIMATIC BATCH V9.0",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V9.0 SP1"
}
]
}
},
{
"product_name": "SIMATIC NET PC Software V14",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V14 SP1 Update 14"
}
]
}
},
{
"product_name": "SIMATIC NET PC Software V15",
"version": {
"version_data": [
{
"version_value": "All versions \u003c 15 SP1"
}
]
}
},
{
"product_name": "SIMATIC PCS 7 V7.1 and earlier",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC PCS 7 V8.0",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC PCS 7 V8.1",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC PCS 7 V8.2",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V8.2 SP1"
}
]
}
},
{
"product_name": "SIMATIC PCS 7 V9.0",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V9.0 SP1"
}
]
}
},
{
"product_name": "SIMATIC Route Control V7.1 and earlier",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC Route Control V8.0",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC Route Control V8.1",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC Route Control V8.2",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC Route Control V9.0",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V9.0 Upd1"
}
]
}
},
{
"product_name": "SIMATIC WinCC Runtime Professional V13",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V13 SP2 Upd2"
}
]
}
},
{
"product_name": "SIMATIC WinCC Runtime Professional V14",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V14 SP1 Upd5"
}
]
}
},
{
"product_name": "SIMATIC WinCC V7.2 and earlier",
"version": {
"version_data": [
{
"version_value": "All versions \u003c WinCC 7.2 Upd 15"
}
]
}
},
{
"product_name": "SIMATIC WinCC V7.3",
"version": {
"version_data": [
{
"version_value": "All versions \u003c WinCC 7.3 Upd 16"
}
]
}
},
{
"product_name": "SIMATIC WinCC V7.4",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V7.4 SP1 Upd 4"
}
]
}
},
{
"product_name": "SPPA-T3000 Application Server",
"version": {
"version_data": [
{
"version_value": "All versions \u003c Service Pack R8.2 SP2"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions \u003c V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions \u003c V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions \u003c V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions \u003c V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions \u003c V8.2 Upd10), SIMATIC BATCH V9.0 (All versions \u003c V9.0 SP1), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions \u003c 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions \u003c V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions \u003c WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions \u003c WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions \u003c Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf"
},
{
"name": "http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2018-4832",
"datePublished": "2018-04-24T17:00:00",
"dateReserved": "2018-01-02T00:00:00",
"dateUpdated": "2024-08-05T05:18:26.633Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2020-03-10 20:15
Modified
2024-11-21 04:34
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd3), SIMATIC BATCH V8.1 (All versions), SIMATIC BATCH V8.2 (All versions < V8.2 Upd12), SIMATIC BATCH V9.0 (All versions < V9.0 SP1 Upd5), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Update 1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15.1 (All versions < V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (All versions < V16 Update 1), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 1). Through specially crafted messages, when encrypted communication is enabled, an attacker with network access could use the vulnerability to compromise the availability of the system by causing a Denial-of-Service condition.
Successful exploitation requires no system privileges and no user interaction.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | openpcs_7 | 9.0 | |
| siemens | openpcs_7 | 9.0_update_1 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_net_pc | * | |
| siemens | simatic_net_pc | 16 | |
| siemens | simatic_pcs_7 | 8.1 | |
| siemens | simatic_pcs_7 | 8.2 | |
| siemens | simatic_pcs_7 | 9.0 | |
| siemens | simatic_pcs_7 | 9.0 | |
| siemens | simatic_pcs_7 | 9.0 | |
| siemens | simatic_route_control | * | |
| siemens | simatic_route_control | 9.0 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5.1 | |
| siemens | simatic_wincc | 13 | |
| siemens | simatic_wincc | 13 | |
| siemens | simatic_wincc | 14.0.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 15.1 | |
| siemens | simatic_wincc | 16 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:openpcs_7:9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "1CBF717A-B2D4-459C-894A-65622570645D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:openpcs_7:9.0_update_1:*:*:*:*:*:*:*",
"matchCriteriaId": "957DDF70-1837-4E92-A707-944AD6ED4304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "E54F6E83-C353-44FB-9F37-C03DA344A5DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:9.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3E19D98B-B40A-4589-8C26-7722C25EEC63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_1:*:*:*:*:*:*",
"matchCriteriaId": "85CDD274-B2B4-4DB0-9917-C16B5D900006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_2:*:*:*:*:*:*",
"matchCriteriaId": "0B435D51-FFA2-4F19-9B51-404BB37D7F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_3:*:*:*:*:*:*",
"matchCriteriaId": "AFBBC7D6-D1D4-452E-A744-B490CF002354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_4:*:*:*:*:*:*",
"matchCriteriaId": "98BC62E3-4C0B-481A-9274-B9C785F8FDC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "744B5953-511F-42CA-80A0-DBE36A6AA144",
"versionEndExcluding": "16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:16:-:*:*:*:*:*:*",
"matchCriteriaId": "496E3C43-5DA8-4983-8AC6-0F32454E22F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "858628AC-EA69-4D72-AE23-77A4A8DE2547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F4A75F15-8F47-4348-A85C-D94BBA8F9992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A42E3FB0-6C66-4702-BDC8-39EEA54B5C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:9.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "7AA0E077-AB19-473B-9454-8FED7188A2C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:9.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "19EA3CAD-E7CB-412F-A2EA-86A81EC25425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_route_control:*:*:*:*:*:*:*:*",
"matchCriteriaId": "885BA05F-BD8F-4DE9-BDD3-6C2C76418B05",
"versionEndExcluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_route_control:9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "57073CE8-174E-429D-A721-AB14C7D16D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:-:*:*:*:*:*:*",
"matchCriteriaId": "3B0BD5DE-C6EF-4B89-831B-DA34DB0D68F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2637C346-8AAF-481F-AFB0-BAD4254D14F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_1:*:*:*:*:*:*",
"matchCriteriaId": "9589FF11-4F9B-40F6-A6C6-55405B9EE351",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_10:*:*:*:*:*:*",
"matchCriteriaId": "1DB57B3A-C3B6-4E61-9DAE-B12CEA8CD093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_11:*:*:*:*:*:*",
"matchCriteriaId": "EA6B2933-9C44-480C-96DC-6DF8C88950AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_12:*:*:*:*:*:*",
"matchCriteriaId": "45097864-DD87-4587-997B-792F0175472B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_13:*:*:*:*:*:*",
"matchCriteriaId": "2FB24A30-0F93-430D-817E-05E4594C8823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_2:*:*:*:*:*:*",
"matchCriteriaId": "25237B9A-2E51-4F17-BD75-04D245CCC51D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_3:*:*:*:*:*:*",
"matchCriteriaId": "90643D49-9EFC-4B9A-99C8-266135DF2E00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_4:*:*:*:*:*:*",
"matchCriteriaId": "AC4D7B24-91FF-4891-ABC3-683A6C72ADDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_5:*:*:*:*:*:*",
"matchCriteriaId": "D1DD77A4-1716-4793-AD73-79D04E3D2AEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_6:*:*:*:*:*:*",
"matchCriteriaId": "5E667123-6909-4DF2-8CEB-6E87E9FC48BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_7:*:*:*:*:*:*",
"matchCriteriaId": "04A5C76A-5D6D-47F8-BEF7-503F9A89AD18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_8:*:*:*:*:*:*",
"matchCriteriaId": "E776629C-904C-49D6-BF3F-8520FA7D5DFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update_9:*:*:*:*:*:*",
"matchCriteriaId": "805DAA15-03A3-4F63-90F7-EA130E5136F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.5:-:*:*:*:*:*:*",
"matchCriteriaId": "E79DA14E-419C-49BA-8E4F-2907E1D8937F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1:-:*:*:*:*:*",
"matchCriteriaId": "00A48A8E-C112-4778-8A7B-2386E88A0177",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.5.1:-:*:*:*:*:*:*",
"matchCriteriaId": "D3D10C7E-5FD5-4B37-884B-B450DE5F800B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:13:-:*:*:*:*:*:*",
"matchCriteriaId": "0D9FE447-2090-47D2-8667-5DC7605089BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:13:sp1:*:*:*:*:*:*",
"matchCriteriaId": "BB4FFADC-51F0-439F-9F80-D2B2614FFC39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:14.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CE5A7162-F1B5-4E74-99D6-4108AC4C49FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "50B77C2A-4D66-4407-8CA4-99C43ED72DDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:15.1:update_1:*:*:*:*:*:*",
"matchCriteriaId": "9794ED7E-EB17-4C95-B900-840A48758F03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:15.1:update_2:*:*:*:*:*:*",
"matchCriteriaId": "57E82CFE-4191-4055-A0BA-EAB7BE96D947",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:15.1:update_3:*:*:*:*:*:*",
"matchCriteriaId": "C4DBBDAA-BCAE-4B63-BDFC-3DD70DAD9B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:15.1:update_4:*:*:*:*:*:*",
"matchCriteriaId": "B5AF87C6-F8D6-4462-9DF5-B9D301002B1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:16:-:*:*:*:*:*:*",
"matchCriteriaId": "A4316924-9EF8-4835-A2E4-0C81F4DE473D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions \u003c V9.0 Upd3), SIMATIC BATCH V8.1 (All versions), SIMATIC BATCH V8.2 (All versions \u003c V8.2 Upd12), SIMATIC BATCH V9.0 (All versions \u003c V9.0 SP1 Upd5), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Update 1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP3), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions \u003c V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (All versions \u003c V13 SP2), SIMATIC WinCC (TIA Portal) V14 (All versions \u003c V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15.1 (All versions \u003c V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (All versions \u003c V16 Update 1), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP1 Update 1). Through specially crafted messages, when encrypted communication is enabled, an attacker with network access could use the vulnerability to compromise the availability of the system by causing a Denial-of-Service condition.\nSuccessful exploitation requires no system privileges and no user interaction."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en OpenPCS 7 V8.1 (Todas las versiones), OpenPCS 7 V8.2 (Todas las versiones), OpenPCS 7 V9.0 (Todas las versiones anteriores a V9.0 Upd3), SIMATIC BATCH V8.1 (Todas las versiones), SIMATIC BATCH V8.2 (Todas las versiones), SIMATIC BATCH V9.0 (Todas las versiones anteriores a V9. 0 SP1 Upd5), SIMATIC NET PC Software V14 (Todas las versiones anteriores a V14 SP1 Update 14), SIMATIC NET PC Software V15 (Todas las versiones), SIMATIC NET PC Software V16 (Todas las versiones anteriores a V16 Update 1), SIMATIC PCS 7 V8.1 (Todas las versiones), SIMATIC PCS 7 V8.2 (Todas las versiones), SIMATIC PCS 7 V9.0 (Todas las versiones anteriores a V9. 0 SP3), SIMATIC Route Control V8.1 (Todas las versiones), SIMATIC Route Control V8.2 (Todas las versiones), SIMATIC Route Control V9.0 (Todas las versiones anteriores a V9.0 Upd4), SIMATIC WinCC (TIA Portal) V13 (Todas las versiones anteriores a V13 SP2), SIMATIC WinCC (TIA Portal) V14 (Todas las versiones anteriores a V14 SP1 Update 10), SIMATIC WinCC (TIA Portal) V15. 1 (Todas las versiones anteriores a V15.1 Update 5), SIMATIC WinCC (TIA Portal) V16 (Todas las versiones anteriores a V16 Update 1), SIMATIC WinCC V7.3 (Todas las versiones), SIMATIC WinCC V7.4 (Todas las versiones anteriores a V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (Todas las versiones anteriores a V7.5 SP1 Update 1). A trav\u00e9s de mensajes especialmente dise\u00f1ados, cuando la comunicaci\u00f3n cifrada est\u00e1 habilitada, un atacante con acceso a la red podr\u00eda utilizar la vulnerabilidad para comprometer la disponibilidad del sistema causando una condici\u00f3n de denegaci\u00f3n de servicio. La explotaci\u00f3n exitosa no requiere privilegios del sistema ni interacci\u00f3n del usuario"
}
],
"id": "CVE-2019-19282",
"lastModified": "2024-11-21T04:34:29.480",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
},
"published": "2020-03-10T20:15:18.960",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-270778.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-131"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-10 17:15
Modified
2024-11-21 05:37
Severity ?
Summary
A vulnerability has been identified in SIMATIC Automation Tool (All versions < V4 SP2), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Upd3), SIMATIC PCS neo (All versions < V3.0 SP1), SIMATIC ProSave (All versions < V17), SIMATIC S7-1500 Software Controller (All versions < V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions < V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions < V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update 2), SIMATIC STEP 7 V5 (All versions < V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions < V3.16 P018), SIMATIC WinCC OA V3.17 (All versions < V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions < V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions < V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions < V7.5 SP1 Update 3), SINAMICS STARTER (All Versions < V5.4 HF2), SINAMICS Startdrive (All Versions < V16 Update 3), SINEC NMS (All versions < V1.0 SP2), SINEMA Server (All versions < V14 SP3), SINUMERIK ONE virtual (All Versions < V6.14), SINUMERIK Operate (All Versions < V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf | Vendor Advisory | |
| productcert@siemens.com | https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_automatic_tool | * | |
| siemens | simatic_net_pc | * | |
| siemens | simatic_net_pc | 16 | |
| siemens | simatic_net_pc | 16 | |
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_pcs_neo | * | |
| siemens | simatic_prosave | * | |
| siemens | simatic_s7-1500_software_controller | * | |
| siemens | simatic_step_7 | * | |
| siemens | simatic_step_7 | * | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_step_7 | 5.6 | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc_open_architecture | 3.16 | |
| siemens | simatic_wincc_open_architecture | 3.17 | |
| siemens | simatic_wincc_runtime_advanced | * | |
| siemens | simatic_wincc_runtime_professional | * | |
| siemens | sinamics_startdrive | * | |
| siemens | sinamics_starter_commissioning_tool | * | |
| siemens | sinec_network_management_system | * | |
| siemens | sinema_server | * | |
| siemens | sinumerik_one_virtual | * | |
| siemens | sinumerik_operate | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_automatic_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A659B687-1038-42F5-B8AC-A394E41D22A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "744B5953-511F-42CA-80A0-DBE36A6AA144",
"versionEndExcluding": "16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:16:-:*:*:*:*:*:*",
"matchCriteriaId": "496E3C43-5DA8-4983-8AC6-0F32454E22F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:16:update1:*:*:*:*:*:*",
"matchCriteriaId": "17BCC3CD-61D0-416D-A241-D35AF8EE5BF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13E3BDF0-B691-4A97-A74A-A65EC910480E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_neo:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D61D4B81-7F51-49BE-83DD-D2C28D23B0EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_prosave:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7752CF-D754-4A78-999B-45FE379E03DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_s7-1500_software_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "658E1A3F-29D6-48D2-BCCE-0BCC41AC49F6",
"versionEndExcluding": "21.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF09D6E-3375-4731-B16D-30B7592EA5FB",
"versionEndExcluding": "5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1A3CA33C-AFAB-418F-870F-0236B8E55943",
"versionEndIncluding": "16",
"versionStartIncluding": "13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:5.6:-:*:*:*:*:*:*",
"matchCriteriaId": "851F8474-4568-487D-98FB-47DF7EAEAC3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:5.6:sp1:*:*:*:*:*:*",
"matchCriteriaId": "81EADA2F-884C-4D72-8489-71025B3EBAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:5.6:sp2:*:*:*:*:*:*",
"matchCriteriaId": "78366D2F-B728-47F6-B539-5FB2D1B0419D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:5.6:sp2_hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "06A86DA0-BC1F-4306-B02E-ED2FA36BE273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F39B396-140B-4005-9A61-F984C9FAF742",
"versionEndExcluding": "7.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:-:*:*:*:*:*:*",
"matchCriteriaId": "3B0BD5DE-C6EF-4B89-831B-DA34DB0D68F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2637C346-8AAF-481F-AFB0-BAD4254D14F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update1:*:*:*:*:*:*",
"matchCriteriaId": "BF8404AB-579E-4C6B-BCA7-E95F2CE24F7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update10:*:*:*:*:*:*",
"matchCriteriaId": "88F6B3BF-727F-432E-89D8-37FB7C76FE2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update11:*:*:*:*:*:*",
"matchCriteriaId": "62EB588C-CBB4-4B17-9BB5-B14B1FC6BB21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update12:*:*:*:*:*:*",
"matchCriteriaId": "AF3F613C-6707-4517-B4B8-530C912B79E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update13:*:*:*:*:*:*",
"matchCriteriaId": "590F62CE-9245-4AC9-9FBC-35136E217B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update2:*:*:*:*:*:*",
"matchCriteriaId": "241D5A28-FB22-4C5B-A067-733168E847BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update3:*:*:*:*:*:*",
"matchCriteriaId": "A5418F92-84A9-439C-B86C-ED5820697603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update4:*:*:*:*:*:*",
"matchCriteriaId": "40631FBD-116B-4589-B77A-6C5A69990F73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update5:*:*:*:*:*:*",
"matchCriteriaId": "64B14972-6163-4D44-A9C6-16328E02AC69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update6:*:*:*:*:*:*",
"matchCriteriaId": "8929E926-740F-4F17-B52C-4C73914B1818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update7:*:*:*:*:*:*",
"matchCriteriaId": "D4F72666-D10A-4EB2-80D3-18B04C101256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update8:*:*:*:*:*:*",
"matchCriteriaId": "0E343221-1E1A-4EE7-80AE-AB24E2244BA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_update9:*:*:*:*:*:*",
"matchCriteriaId": "1BF716D7-0A77-400F-9B43-64FBE3E65735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.5:-:*:*:*:*:*:*",
"matchCriteriaId": "E79DA14E-419C-49BA-8E4F-2907E1D8937F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "81F9C13C-065C-4E40-BB46-687D791348A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update1:*:*:*:*:*:*",
"matchCriteriaId": "5CF06E69-0A23-418D-B0EC-574DACBB4DD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update2:*:*:*:*:*:*",
"matchCriteriaId": "9164EAC1-C416-4F1F-A910-CE84A167A6D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_open_architecture:3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "4B9ED7EF-EF58-400F-92C9-3D52D8E39783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_open_architecture:3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "1C3F9210-7A1E-4B10-B384-119FD5733A86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79EE15DC-74D3-4551-AAD0-EA0CB600DA76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C9253AD-BD82-4BB2-84AD-EB1892B60358",
"versionEndIncluding": "16",
"versionStartIncluding": "13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinamics_startdrive:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C11DB09A-74E1-45EF-A162-9C1E91F54C04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinamics_starter_commissioning_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1976CDDA-F2AF-4C47-804E-2C1DF44FBF41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinec_network_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52F7076E-12F7-4F62-9804-18598C39D3FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinema_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C55DA617-6333-40DA-AB7D-EE49A453E143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinumerik_one_virtual:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A607E4B7-2F58-4F68-91EB-16874986E92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinumerik_operate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFC5C25-EC3C-4EB6-B5B2-478AE9CEF10F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC Automation Tool (All versions \u003c V4 SP2), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Upd3), SIMATIC PCS neo (All versions \u003c V3.0 SP1), SIMATIC ProSave (All versions \u003c V17), SIMATIC S7-1500 Software Controller (All versions \u003c V21.8), SIMATIC STEP 7 (TIA Portal) V13 (All versions \u003c V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (All versions \u003c V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (All versions \u003c V15.1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (All versions \u003c V16 Update 2), SIMATIC STEP 7 V5 (All versions \u003c V5.6 SP2 HF3), SIMATIC WinCC OA V3.16 (All versions \u003c V3.16 P018), SIMATIC WinCC OA V3.17 (All versions \u003c V3.17 P003), SIMATIC WinCC Runtime Advanced (All versions \u003c V16 Update 2), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (All versions \u003c V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (All versions \u003c V16 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP1 Update 3), SINAMICS STARTER (All Versions \u003c V5.4 HF2), SINAMICS Startdrive (All Versions \u003c V16 Update 3), SINEC NMS (All versions \u003c V1.0 SP2), SINEMA Server (All versions \u003c V14 SP3), SINUMERIK ONE virtual (All Versions \u003c V6.14), SINUMERIK Operate (All Versions \u003c V6.14). A common component used by the affected applications regularly calls a helper binary with SYSTEM privileges while the call path is not quoted. This could allow a local attacker to execute arbitrary code with SYTEM privileges."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en SIMATIC Automation Tool (Todas las versiones anteriores a la versi\u00f3n V4 SP2), SIMATIC NET PC Software V14 (Todas las versiones anteriores a la versi\u00f3n V14 SP1 Update 14), SIMATIC NET PC Software V15 (Todas las versiones), SIMATIC NET PC Software V16 (Todas las versiones anteriores a la versi\u00f3n V16 Upd3), SIMATIC PCS neo (Todas las versiones anteriores a la versi\u00f3n V3.0 SP1), SIMATIC ProSave (Todas las versiones anteriores a la versi\u00f3n V17), SIMATIC S7-1500 Software Controller (Todas las versiones anteriores a la versi\u00f3n V21. 8), SIMATIC STEP 7 (Todas las versiones anteriores a la versi\u00f3n V5.6 SP2 HF3), SIMATIC STEP 7 (TIA Portal) V13 (Todas las versiones anteriores a la versi\u00f3n V13 SP2 Update 4), SIMATIC STEP 7 (TIA Portal) V14 (Todas las versiones anteriores a la versi\u00f3n V14 SP1 Update 10), SIMATIC STEP 7 (TIA Portal) V15 (Todas las versiones anteriores a la versi\u00f3n V15. 1 Update 5), SIMATIC STEP 7 (TIA Portal) V16 (Todas las versiones anteriores a la versi\u00f3n V16 Update 2), SIMATIC WinCC OA V3.16 (Todas las versiones anteriores a la versi\u00f3n V3.16 P018), SIMATIC WinCC OA V3. 17 (Todas las versiones anteriores a la versi\u00f3n V3.17 P003), SIMATIC WinCC Runtime Advanced (Todas las versiones anteriores a la versi\u00f3n V16 Update 2), SIMATIC WinCC Runtime Professional V13 (Todas las versiones anteriores a la versi\u00f3n V13 SP2 Update 4), SIMATIC WinCC Runtime Professional V14 (Todas las versiones anteriores a la versi\u00f3n V14 SP1 Update 10), SIMATIC WinCC Runtime Professional V15 (Todas las versiones anteriores a la versi\u00f3n V15.1 Update 5), SIMATIC WinCC Runtime Professional V16 (Todas las versiones anteriores a la versi\u00f3n V16 Update 2), SIMATIC WinCC V7. 4 (Todas las versiones anteriores a la versi\u00f3n V7.4 SP1 Update 14), SIMATIC WinCC V7.5 (Todas las versiones anteriores a la versi\u00f3n V7.5 SP1 Update 3), SINAMICS STARTER (Todas las versiones anteriores a la versi\u00f3n V5.4 HF2), SINAMICS Startdrive (Todas las versiones anteriores a la versi\u00f3n V16 Update 3), SINEC NMS (Todas las versiones anteriores a la versi\u00f3n V1. 0 SP2), SINEMA Server (Todas las versiones anteriores a la versi\u00f3n V14 SP3), SINUMERIK ONE virtual (Todas las versiones anteriores a la versi\u00f3n V6.14), SINUMERIK Operate (Todas las versiones anteriores a la versi\u00f3n V6.14). Un componente dentro de la aplicaci\u00f3n afectada llama regularmente a un binario de ayuda con privilegios de SISTEMA mientras la ruta de llamada no est\u00e1 citada"
}
],
"id": "CVE-2020-7580",
"lastModified": "2024-11-21T05:37:24.840",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-10T17:15:12.347",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf"
},
{
"source": "productcert@siemens.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-312271.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-161-04"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-428"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-428"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-24 17:29
Modified
2024-11-21 04:07
Severity ?
Summary
A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions < V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions < V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions < V8.2 Upd10), SIMATIC BATCH V9.0 (All versions < V9.0 SP1), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions < 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions < WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions < WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html | Third Party Advisory, VDB Entry | |
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf | Mitigation, Vendor Advisory | |
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | openpcs_7 | * | |
| siemens | openpcs_7 | 8.0 | |
| siemens | openpcs_7 | 8.1 | |
| siemens | openpcs_7 | 8.1 | |
| siemens | openpcs_7 | 8.1 | |
| siemens | openpcs_7 | 8.1 | |
| siemens | openpcs_7 | 8.1 | |
| siemens | openpcs_7 | 8.2 | |
| siemens | openpcs_7 | 9.0 | |
| siemens | simatic_batch | 7.1 | |
| siemens | simatic_batch | 8.0 | |
| siemens | simatic_batch | 8.0 | |
| siemens | simatic_batch | 8.1 | |
| siemens | simatic_batch | 8.1 | |
| siemens | simatic_batch | 8.1 | |
| siemens | simatic_batch | 8.2 | |
| siemens | simatic_batch | 8.2 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_net_pc | * | |
| siemens | simatic_net_pc | 15 | |
| siemens | simatic_pcs_7 | * | |
| siemens | simatic_pcs_7 | 8.0 | |
| siemens | simatic_pcs_7 | 8.1 | |
| siemens | simatic_pcs_7 | 8.2 | |
| siemens | simatic_pcs_7 | 9.0 | |
| siemens | simatic_route_control | * | |
| siemens | simatic_route_control | 8.0 | |
| siemens | simatic_route_control | 8.1 | |
| siemens | simatic_route_control | 9.0 | |
| siemens | simatic_wincc_runtime_professional | * | |
| siemens | simatic_wincc_runtime_professional | 13 | |
| siemens | simatic_wincc_runtime_professional | 13 | |
| siemens | simatic_wincc_runtime_professional | 14 | |
| siemens | simatic_wincc_runtime_professional | 14 | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.2 | |
| siemens | simatic_wincc | 7.3 | |
| siemens | simatic_wincc | 7.3 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | simatic_wincc | 7.4 | |
| siemens | sppa-t3000_application_server | * | |
| siemens | sppa-t3000_application_server | r8.2 | |
| siemens | sppa-t3000_application_server | r8.2 | |
| siemens | simatic_net_pc | * | |
| siemens | simatic_net_pc | 15 | |
| siemens | simatic_net_pc_software | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:openpcs_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CDCCD5-E4C7-4E52-8316-07F93E820842",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:openpcs_7:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63F01837-6121-48E3-A18C-691AAC2800BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:openpcs_7:8.1:-:*:*:*:*:*:*",
"matchCriteriaId": "781DC7D3-D470-465E-8E0A-9978CB2A6454",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:openpcs_7:8.1:upd_1:*:*:*:*:*:*",
"matchCriteriaId": "726E5A2D-97EA-415A-A251-66A975B3F98C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:openpcs_7:8.1:upd_2:*:*:*:*:*:*",
"matchCriteriaId": "ED9B2A87-0C1E-476E-AF7E-71EAB0CECEF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:openpcs_7:8.1:upd_3:*:*:*:*:*:*",
"matchCriteriaId": "20D3788F-FD9E-4A0F-A7C7-843B1ED67D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:openpcs_7:8.1:upd_4:*:*:*:*:*:*",
"matchCriteriaId": "F8186041-B1D6-4460-ACA7-23494D1F0E7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:openpcs_7:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF8FF2D9-B31F-46DC-AF37-E0314F3D0B32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:openpcs_7:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3890EC18-2B5D-4B5A-8B21-6A0D1211EA98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9E94E0B9-2950-42CA-837E-7900F820A9F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "2C782AC7-6EAB-4F35-A646-52A4AC77E1D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:8.0:sp1_upd20:*:*:*:*:*:*",
"matchCriteriaId": "3C509A97-9DD2-413A-A7ED-B30FD9E5C98F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:8.1:-:*:*:*:*:*:*",
"matchCriteriaId": "EE12DBC8-CD75-4517-BD3B-709E98B4D280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:8.1:sp1_upd14:*:*:*:*:*:*",
"matchCriteriaId": "38894CBB-44DA-4690-B762-4AA497C95037",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:8.1:sp1_upd15:*:*:*:*:*:*",
"matchCriteriaId": "59178885-4A50-4AC6-A3BE-B288A1F6B5F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:8.2:-:*:*:*:*:*:*",
"matchCriteriaId": "4CAFD7F2-BB23-4E3A-A30E-78290D5EAB47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:8.2:upd_9:*:*:*:*:*:*",
"matchCriteriaId": "F043FAC3-661C-4226-AA70-7EF836DDBA55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4E1EFC3E-F29B-48C5-869C-F356414C8088",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C06726E-497A-4FEF-8B4B-AF3F7B0EEFA4",
"versionEndExcluding": "15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:15:-:*:*:*:*:*:*",
"matchCriteriaId": "7DF90C44-4AC2-4B2B-8712-30CD3DE96B22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DFBFF6B-DBC8-451D-A235-4C7E1F0883D5",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3566C20F-A4A7-494F-AAD2-A11B0AD783D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "858628AC-EA69-4D72-AE23-77A4A8DE2547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:8.2:-:*:*:*:*:*:*",
"matchCriteriaId": "3EEF9BE1-F6E2-4C05-8020-4D7540882464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A42E3FB0-6C66-4702-BDC8-39EEA54B5C0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_route_control:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20927394-2126-48C5-B0D5-88E16B6491DA",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_route_control:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACF395C1-AA95-4064-BDEF-9B3C30FF6B29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_route_control:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF693D1E-091C-4CBE-957C-58C47B4E44D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_route_control:9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "57073CE8-174E-429D-A721-AB14C7D16D4F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6AAE5EBD-1B43-447D-8C19-9D3296F137F9",
"versionEndExcluding": "13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:13:-:*:*:*:*:*:*",
"matchCriteriaId": "00B0EEF6-E1F9-4AEB-82AA-445D161639D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:13:sp2_upd_1:*:*:*:*:*:*",
"matchCriteriaId": "DB8D7040-0223-413F-B87F-3417CFA50BB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:14:-:*:*:*:*:*:*",
"matchCriteriaId": "17F622A5-75AE-4E5C-80CB-53C39EAE356D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:14:sp1_upd_4:*:*:*:*:*:*",
"matchCriteriaId": "8D2F5FA7-6B23-413C-AF6D-CA95EDA59212",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C72CD2-86C8-4E79-AF98-A3D58E882DED",
"versionEndExcluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.2:-:*:*:*:*:*:*",
"matchCriteriaId": "EF42322A-1E6E-44F6-B943-DC56E87F80D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.2:upd_14:*:*:*:*:*:*",
"matchCriteriaId": "A54099D6-1E2E-4DC5-98FD-6004758C581A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.3:-:*:*:*:*:*:*",
"matchCriteriaId": "AE3690D0-60A7-4E52-A36A-ADBA01F8D99F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.3:upd_15:*:*:*:*:*:*",
"matchCriteriaId": "98174EBE-EC43-431C-B943-11B21A167A79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:-:*:*:*:*:*:*",
"matchCriteriaId": "3B0BD5DE-C6EF-4B89-831B-DA34DB0D68F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2637C346-8AAF-481F-AFB0-BAD4254D14F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_upd_3:*:*:*:*:*:*",
"matchCriteriaId": "9A699260-A239-46BE-BF64-A767D4F267FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:sppa-t3000_application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE233B0-3F20-4FA8-8E26-CCC3E21E49E1",
"versionEndExcluding": "r8.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sppa-t3000_application_server:r8.2:-:*:*:*:*:*:*",
"matchCriteriaId": "4EBA7673-3A24-4DF7-9D9C-4B863863083C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sppa-t3000_application_server:r8.2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D0975E8C-C34F-4BD2-B4CF-41E5FBFD8A12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C06726E-497A-4FEF-8B4B-AF3F7B0EEFA4",
"versionEndExcluding": "15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:15:-:*:*:*:*:*:*",
"matchCriteriaId": "7DF90C44-4AC2-4B2B-8712-30CD3DE96B22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A28DF82-4863-47FA-82FF-C3D63CFB1782",
"versionEndExcluding": "14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions \u003c V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions \u003c V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions \u003c V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions \u003c V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions \u003c V8.2 Upd10), SIMATIC BATCH V9.0 (All versions \u003c V9.0 SP1), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions \u003c 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions \u003c V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions \u003c WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions \u003c WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions \u003c Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en OpenPCS 7 V7.1 y anteriores (Todas las versiones), OpenPCS 7 V8.0 (Todas las versiones), OpenPCS 7 V8.1 (Todas las versiones anteriores a V8.1 Upd5), OpenPCS 7 V8. 2 (Todas las versiones), OpenPCS 7 V9.0 (Todas las versiones anteriores a V9.0 Upd1), SIMATIC BATCH V7.1 y anteriores (Todas las versiones), SIMATIC BATCH V8.0 (Todas las versiones anteriores a V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (Todas las versiones anteriores a V8. 1 SP1 Upd16), SIMATIC BATCH V8.2 (Todas las versiones anteriores a V8.2 Upd10), SIMATIC BATCH V9.0 (Todas las versiones anteriores a V9.0 SP1), SIMATIC NET PC Software V14 (Todas las versiones anteriores a V14 SP1 Update 14), SIMATIC NET PC Software V15 (Todas las versiones anteriores a 15 SP1), SIMATIC PCS 7 V7. 1 y anteriores (Todas las versiones), SIMATIC PCS 7 V8.0 (Todas las versiones), SIMATIC PCS 7 V8.1 (Todas las versiones), SIMATIC PCS 7 V8. 2 (Todas las versiones anteriores a V8.2 SP1), SIMATIC PCS 7 V9.0 (Todas las versiones anteriores a V9.0 SP1), SIMATIC Route Control V7.1 y anteriores (Todas las versiones), SIMATIC Route Control V8.0 (Todas las versiones), SIMATIC Route Control V8.1 (Todas las versiones), SIMATIC Route Control V8.2 (Todas las versiones), SIMATIC Route Control V9.0 (Todas las versiones anteriores a V9. 0 Upd1), SIMATIC WinCC Runtime Professional V13 (Todas las versiones anteriores a V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (Todas las versiones anteriores a V14 SP1 Upd5), SIMATIC WinCC V7.2 y anteriores (Todas las versiones anteriores a WinCC 7. 2 Upd 15), SIMATIC WinCC V7.3 (Todas las versiones anteriores a WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (Todas las versiones anteriores a V7.4 SP1 Upd 4), SPPA-T3000 Application Server (Todas las versiones anteriores a Service Pack R8.2 SP2). Los mensajes especialmente dise\u00f1ados enviados al servicio RPC de los productos afectados podr\u00edan causar una condici\u00f3n de denegaci\u00f3n de servicio en la funcionalidad de comunicaci\u00f3n remota y local de los productos afectados. Es necesario reiniciar el sistema para recuperar la funcionalidad de comunicaci\u00f3n remota y local. Tenga en cuenta que un atacante necesita tener acceso a la red del servidor de aplicaciones para poder explotar esta vulnerabilidad. En el momento de la publicaci\u00f3n del aviso no se conoc\u00eda ninguna explotaci\u00f3n p\u00fablica de esta vulnerabilidad de seguridad"
}
],
"id": "CVE-2018-4832",
"lastModified": "2024-11-21T04:07:32.557",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-24T17:29:00.227",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html"
},
{
"source": "productcert@siemens.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf"
},
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-13 19:15
Modified
2024-11-21 04:20
Severity ?
Summary
A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.8.1), SIMATIC S7-1500 Software Controller (All versions < V20.8), SIMATIC S7-PLCSIM Advanced (All versions < V3.0), SIMATIC STEP 7 (TIA Portal) (All versions < V16), SIMATIC WinCC (TIA Portal) (All versions < V16), SIMATIC WinCC OA (All versions < V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions < V16), SIMATIC WinCC Runtime Professional (All versions < V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions < V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf | Vendor Advisory | |
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf | Vendor Advisory | |
| productcert@siemens.com | https://www.us-cert.gov/ics/advisories/icsa-19-344-04 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-19-344-04 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_et_200sp_open_controller_cpu_1515sp_pc_firmware | * | |
| siemens | simatic_et_200sp_open_controller_cpu_1515sp_pc | - | |
| siemens | simatic_et_200sp_open_controller_cpu_1515sp_pc2_firmware | * | |
| siemens | simatic_et_200sp_open_controller_cpu_1515sp_pc2 | - | |
| siemens | simatic_s7-1200_cpu_1211c_firmware | * | |
| siemens | simatic_s7-1200_cpu_1211c | - | |
| siemens | simatic_s7-1200_cpu_1212c_firmware | * | |
| siemens | simatic_s7-1200_cpu_1212c | - | |
| siemens | simatic_s7-1200_cpu_1214c_firmware | * | |
| siemens | simatic_s7-1200_cpu_1214c | - | |
| siemens | simatic_s7-1200_cpu_1215c_firmware | * | |
| siemens | simatic_s7-1200_cpu_1215c | - | |
| siemens | simatic_s7-1200_cpu_1217c_firmware | * | |
| siemens | simatic_s7-1200_cpu_1217c | - | |
| siemens | simatic_s7-1500_cpu_1518_firmware | * | |
| siemens | simatic_s7-1500_cpu_1518 | - | |
| siemens | simatic_s7-1500_cpu_1511c_firmware | * | |
| siemens | simatic_s7-1500_cpu_1511c | - | |
| siemens | simatic_s7-1500_cpu_1512c_firmware | * | |
| siemens | simatic_s7-1500_cpu_1512c | - | |
| siemens | simatic_net_pc | * | |
| siemens | simatic_s7-1500 | * | |
| siemens | simatic_s7-plcsim_advanced | * | |
| siemens | simatic_step_7 | * | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc_open_architecture | * | |
| siemens | simatic_wincc_open_architecture | 3.16 | |
| siemens | simatic_wincc_open_architecture | 3.16 | |
| siemens | simatic_wincc_runtime | * | |
| siemens | simatic_wincc_runtime | * | |
| siemens | simatic_cp_1626_firmware | * | |
| siemens | simatic_cp_1626 | - | |
| siemens | simatic_tim_1531_irc_firmware | * | |
| siemens | simatic_tim_1531_irc | - | |
| siemens | simatic_hmi_panel_firmware | * | |
| siemens | simatic_hmi_panel | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_et_200sp_open_controller_cpu_1515sp_pc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFA8109D-F938-4FE3-9885-831D2D0FE058",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_et_200sp_open_controller_cpu_1515sp_pc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8AED132-C4CF-4C2E-B826-DFAE745256FD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_et_200sp_open_controller_cpu_1515sp_pc2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C59DF55E-2F4F-4BF1-B02F-05916BC863D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_et_200sp_open_controller_cpu_1515sp_pc2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30E3491F-8F4A-4C7D-960D-073AA41DB4D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1211c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "621AC3EC-6DA3-4AA6-9100-0407EC8370E6",
"versionEndIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1211c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3871C0C9-C65E-4E0B-9CA8-75E60066297F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1212c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F22D58C-444F-4179-B84F-24D57F4971EB",
"versionEndIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1212c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07849777-92E7-41D2-9128-F8D20DE15391",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "985A67F3-9799-4D30-B049-619456280DA4",
"versionEndIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE17584A-BF7A-48B8-A9CB-477663766C63",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1215c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A5E0374-939D-4C5E-B721-5AD8A3329387",
"versionEndIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC4698CF-F935-4707-BA91-7E3650C7956C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1217c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF7EA085-2297-4BA0-96AB-2A2EBE0BEFAF",
"versionEndIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1217c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "232279DE-CF1C-4A3C-886D-B4CE3F104F09",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF4F6EA7-68BD-4A9D-8DDC-1D802EA7905B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE0BA68C-EB57-49CE-94A8-E7905AB79824",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1511c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33F882B8-EEDF-489E-9933-37EFC0AAC356",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1511c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "822894D4-96D5-4BDC-A698-D31262BCF422",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1512c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E8D52B-CDB3-4E26-A0C4-592CCBFBB827",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1512c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2E24A4C-AC13-4382-BDF6-E13878FED4DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "744B5953-511F-42CA-80A0-DBE36A6AA144",
"versionEndExcluding": "16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_s7-1500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA1684C0-4B7C-44A0-9F16-5F8121654397",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C9A3749-B092-4F92-8140-55F10A03A5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D968D9-2A64-4E1C-824F-6508AEC6789D",
"versionEndExcluding": "16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F96AD4B7-105A-4D60-9026-E5C6389F3C73",
"versionEndExcluding": "16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_open_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C3580BA-45F0-4A01-925F-D56B0BA058F7",
"versionEndIncluding": "3.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_open_architecture:3.16:-:*:*:*:*:*:*",
"matchCriteriaId": "84D652E6-23F7-4EB6-AE66-69662E191559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_open_architecture:3.16:patch_12:*:*:*:*:*:*",
"matchCriteriaId": "1F0B76B7-FCB4-4831-BD00-AF29FD4606B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "29B1F502-8A3A-4C07-90D2-CE5EB06CB573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:*:*:*:*:professional:*:*:*",
"matchCriteriaId": "0384FFF2-F577-4FFC-8A84-5682771D1BC1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_cp_1626_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2DA2E87-7B96-4B6B-90F9-C22B138B441B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_cp_1626:-:*:*:*:*:*:*:*",
"matchCriteriaId": "581EA284-EDD6-4EA5-96B2-67904D1D9DC7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_tim_1531_irc_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95DEFB00-96A2-460F-8B59-A288FD154FDC",
"versionEndExcluding": "2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_tim_1531_irc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEFDF765-44F4-45CB-8A28-FD7D355310DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_panel_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EE91BB69-3E42-4110-B49B-D53DB894E140",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_panel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35CA808F-891D-4E10-A87A-68440D0BE0CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 1626 (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V20.8), SIMATIC HMI Panel (incl. SIPLUS variants) (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions \u003c V4.4.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003c V2.8.1), SIMATIC S7-1500 Software Controller (All versions \u003c V20.8), SIMATIC S7-PLCSIM Advanced (All versions \u003c V3.0), SIMATIC STEP 7 (TIA Portal) (All versions \u003c V16), SIMATIC WinCC (TIA Portal) (All versions \u003c V16), SIMATIC WinCC OA (All versions \u003c V3.16 P013), SIMATIC WinCC Runtime Advanced (All versions \u003c V16), SIMATIC WinCC Runtime Professional (All versions \u003c V16), TIM 1531 IRC (incl. SIPLUS NET variants) (All versions \u003c V2.1). Affected devices contain a message protection bypass vulnerability due to certain properties in the calculation used for integrity protection. This could allow an attacker in a Man-in-the-Middle position to modify network traffic sent on port 102/tcp to the affected devices."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en SIMATIC CP 1626 (Todas las versiones), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. variantes SIPLUS) (Todas las versiones), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. variantes SIPLUS) (Todas las versiones anteriores a V20. 8), SIMATIC HMI Panel (incl. variantes SIPLUS) (Todas las versiones), SIMATIC NET PC Software V14 (Todas las versiones anteriores a V14 SP1 Update 14), SIMATIC NET PC Software V15 (Todas las versiones), familia de CPUs SIMATIC S7-1200 (incl. variantes SIPLUS) (Todas las versiones anteriores a V4.4.0), familia de CPUs SIMATIC S7-1500 (incl. CPUs ET200 relacionadas y variantes SIPLUS) (Todas las versiones anteriores a V2.8.1), SIMATIC S7-1500 Software Controller (Todas las versiones anteriores a V20.8), SIMATIC S7-PLCSIM Advanced (Todas las versiones anteriores a V3.0), SIMATIC STEP 7 (TIA Portal) (Todas las versiones anteriores a V16), SIMATIC WinCC (TIA Portal) (Todas las versiones anteriores a V16), SIMATIC WinCC OA (Todas las versiones anteriores a V3. 16 P013), SIMATIC WinCC Runtime Advanced (Todas las versiones anteriores a V16), SIMATIC WinCC Runtime Professional (Todas las versiones anteriores a V16), TIM 1531 IRC (incl. variantes de SIPLUS NET) (Todas las versiones anteriores a V2.1). Los dispositivos afectados contienen una vulnerabilidad de elusi\u00f3n de la protecci\u00f3n de mensajes debido a ciertas propiedades en el c\u00e1lculo utilizado para la protecci\u00f3n de la integridad. Esto podr\u00eda permitir a un atacante en posici\u00f3n de Man-in-the-Middle modificar el tr\u00e1fico de red enviado por el puerto 102/tcp a los dispositivos afectados"
}
],
"id": "CVE-2019-10929",
"lastModified": "2024-11-21T04:20:10.487",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-13T19:15:14.860",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf"
},
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf"
},
{
"source": "productcert@siemens.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-344-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-232418.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-273799.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-344-04"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-327"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-27 07:15
Modified
2024-11-21 06:23
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf | Patch, Third Party Advisory | |
| cve@mitre.org | https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf | Patch, Vendor Advisory | |
| cve@mitre.org | https://opcfoundation.org/security-bulletins/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://opcfoundation.org/security-bulletins/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| opcfoundation | local_discover_server | * | |
| siemens | simatic_process_historian_opc_ua_server_firmware | * | |
| siemens | simatic_process_historian_opc_ua_server_firmware | 2022 | |
| siemens | simatic_process_historian_opc_ua_server | - | |
| siemens | simatic_net_pc | 14 | |
| siemens | simatic_net_pc | 15 | |
| siemens | simatic_net_pc | 16 | |
| siemens | simatic_net_pc | 17 | |
| siemens | simatic_wincc | - | |
| siemens | simatic_wincc_runtime | - | |
| siemens | simatic_wincc_unified_scada_runtime | - | |
| siemens | telecontrol_server_basic | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:opcfoundation:local_discover_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD47A17-5E0C-4BCA-989C-C5CDEAC20A06",
"versionEndExcluding": "1.04.402.463",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_process_historian_opc_ua_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3BD1C40-AB88-4CB8-820E-C32C4AEBD455",
"versionEndExcluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_process_historian_opc_ua_server_firmware:2022:-:*:*:*:*:*:*",
"matchCriteriaId": "D113B41E-4268-407B-A729-EBC9385D8943",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_process_historian_opc_ua_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14EC9343-7778-40B0-A74D-5C156FF2A229",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:14:-:*:*:*:*:*:*",
"matchCriteriaId": "298E8F34-346B-4FC5-8690-3F947F585552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:15:-:*:*:*:*:*:*",
"matchCriteriaId": "7DF90C44-4AC2-4B2B-8712-30CD3DE96B22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:16:-:*:*:*:*:*:*",
"matchCriteriaId": "496E3C43-5DA8-4983-8AC6-0F32454E22F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:17:-:*:*:*:*:*:*",
"matchCriteriaId": "AFBD6DDF-917C-44CC-A944-1945DC7AC9FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F7BB505-A6B6-4200-9602-E4D348E407AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:-:*:*:*:professional:*:*:*",
"matchCriteriaId": "E6BFBAED-EE2B-4DE4-A76C-824DD15F4608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_unified_scada_runtime:-:*:*:*:*:*:*:*",
"matchCriteriaId": "772ECFF2-BB17-4B72-A570-18631521E147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:telecontrol_server_basic:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "975FC6E7-8FDB-4361-A691-44B26B0CBFD4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer."
},
{
"lang": "es",
"value": "En OPC Foundation Local Discovery Server (LDS) versiones anteriores a 1.04.402.463, unos atacantes remotos pueden causar una denegaci\u00f3n de servicio (DoS) mediante el env\u00edo de mensajes cuidadosamente dise\u00f1ados que conllevan a el Acceso a una Ubicaci\u00f3n de Memoria Despu\u00e9s del Final de un B\u00fafer."
}
],
"id": "CVE-2021-40142",
"lastModified": "2024-11-21T06:23:38.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "cve@mitre.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-27T07:15:08.630",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://opcfoundation.org/security-bulletins/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-321292.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-40142.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://opcfoundation.org/security-bulletins/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-09 12:15
Modified
2024-11-21 06:23
Severity ?
7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability has been identified in OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd4), OpenPCS 7 V9.1 (All versions), SIMATIC BATCH V8.2 (All versions), SIMATIC BATCH V9.0 (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions < V16 Update 6), SIMATIC NET PC Software V17 (All versions < V17 SP1), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions), SIMATIC Route Control V9.1 (All versions), SIMATIC WinCC V15 and earlier (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All versions < V16 Update 5), SIMATIC WinCC V17 (All versions < V17 Update 2), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 5). When downloading files, the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read unexpected critical files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_batch | 8.2 | |
| siemens | simatic_batch | 8.2 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.0 | |
| siemens | simatic_batch | 9.1 | |
| siemens | simatic_net_pc | 14 | |
| siemens | simatic_net_pc | 15 | |
| siemens | simatic_net_pc | 16 | |
| siemens | simatic_net_pc | 16 | |
| siemens | simatic_net_pc | 17 | |
| siemens | simatic_route_control | 8.2 | |
| siemens | simatic_route_control | 9.0 | |
| siemens | simatic_route_control | 9.1 | |
| siemens | simatic_wincc | * | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 7.5 | |
| siemens | simatic_wincc | 15 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 16 | |
| siemens | simatic_wincc | 17 | |
| siemens | simatic_wincc | 17 | |
| siemens | simaticpcs_7 | * | |
| siemens | simaticpcs_7 | * | |
| siemens | simaticpcs_7 | 9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:8.2:-:*:*:*:*:*:*",
"matchCriteriaId": "4CAFD7F2-BB23-4E3A-A30E-78290D5EAB47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:8.2:upd_9:*:*:*:*:*:*",
"matchCriteriaId": "F043FAC3-661C-4226-AA70-7EF836DDBA55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "E54F6E83-C353-44FB-9F37-C03DA344A5DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:9.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3E19D98B-B40A-4589-8C26-7722C25EEC63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_1:*:*:*:*:*:*",
"matchCriteriaId": "85CDD274-B2B4-4DB0-9917-C16B5D900006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_2:*:*:*:*:*:*",
"matchCriteriaId": "0B435D51-FFA2-4F19-9B51-404BB37D7F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_3:*:*:*:*:*:*",
"matchCriteriaId": "AFBBC7D6-D1D4-452E-A744-B490CF002354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:9.0:sp1_update_4:*:*:*:*:*:*",
"matchCriteriaId": "98BC62E3-4C0B-481A-9274-B9C785F8FDC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "4598FFB9-68FC-4825-83AB-4B1D45C3B3E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:14:-:*:*:*:*:*:*",
"matchCriteriaId": "298E8F34-346B-4FC5-8690-3F947F585552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:15:-:*:*:*:*:*:*",
"matchCriteriaId": "7DF90C44-4AC2-4B2B-8712-30CD3DE96B22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:16:-:*:*:*:*:*:*",
"matchCriteriaId": "496E3C43-5DA8-4983-8AC6-0F32454E22F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:16:update1:*:*:*:*:*:*",
"matchCriteriaId": "17BCC3CD-61D0-416D-A241-D35AF8EE5BF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:17:-:*:*:*:*:*:*",
"matchCriteriaId": "AFBD6DDF-917C-44CC-A944-1945DC7AC9FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_route_control:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7F8A4F12-33E8-47CD-9790-60D0D39E6965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_route_control:9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "57073CE8-174E-429D-A721-AB14C7D16D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_route_control:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "588E365B-D148-4253-A316-63FD11821F85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA2E9785-246F-496B-9139-02E2F4003352",
"versionEndIncluding": "7.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7D3A0BA7-EDC9-428D-A9C9-1CF602CEDFB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.5:-:*:*:*:*:*:*",
"matchCriteriaId": "E79DA14E-419C-49BA-8E4F-2907E1D8937F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "81F9C13C-065C-4E40-BB46-687D791348A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update1:*:*:*:*:*:*",
"matchCriteriaId": "5CF06E69-0A23-418D-B0EC-574DACBB4DD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.5:sp1_update2:*:*:*:*:*:*",
"matchCriteriaId": "9164EAC1-C416-4F1F-A910-CE84A167A6D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "3422B714-DB0F-4EE3-A7D4-9A0165214563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update1:*:*:*:*:*:*",
"matchCriteriaId": "70B79B00-F61D-4F10-AD7B-74718F061D9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update2:*:*:*:*:*:*",
"matchCriteriaId": "A8766442-CC8D-4221-89B8-F75D195F71E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update3:*:*:*:*:*:*",
"matchCriteriaId": "26C08FB9-AFEB-4A53-AAB3-37C9717B30C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.5:sp2_update4:*:*:*:*:*:*",
"matchCriteriaId": "68896900-7FCC-4BFB-B787-8992B459F00D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:15:-:*:*:*:*:*:*",
"matchCriteriaId": "1ECA9805-26BE-4A3E-B418-A35DC1211AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:16:-:*:*:*:*:*:*",
"matchCriteriaId": "A4316924-9EF8-4835-A2E4-0C81F4DE473D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:16:update1:*:*:*:*:*:*",
"matchCriteriaId": "A1011EBE-A08D-4066-A2B8-45736AE6999B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:16:update2:*:*:*:*:*:*",
"matchCriteriaId": "37284D6C-ADB9-43A9-817D-7879FDF8BF7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:16:update3:*:*:*:*:*:*",
"matchCriteriaId": "1DAD73CB-A027-4CEA-A439-A271717BBEDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:16:update4:*:*:*:*:*:*",
"matchCriteriaId": "150B957C-545F-4BD8-8AB9-E64ACC59C865",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:17:-:*:*:*:*:*:*",
"matchCriteriaId": "C665E91E-DC56-41E0-99B4-ACFAA70B3103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:17:update1:*:*:*:*:*:*",
"matchCriteriaId": "BB46C8BD-942A-45DC-AA8A-C0D9418CA302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simaticpcs_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "382FA06B-0465-4CA0-B0D7-B7BB748B2574",
"versionEndIncluding": "8.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simaticpcs_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99CCAC08-D8F5-416D-82EC-7F8E1BC69C57",
"versionEndExcluding": "9.1",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simaticpcs_7:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "DFC56795-0196-49AD-A840-3EBAB83D4587",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions \u003c V9.0 Upd4), OpenPCS 7 V9.1 (All versions), SIMATIC BATCH V8.2 (All versions), SIMATIC BATCH V9.0 (All versions), SIMATIC BATCH V9.1 (All versions), SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC NET PC Software V16 (All versions \u003c V16 Update 6), SIMATIC NET PC Software V17 (All versions \u003c V17 SP1), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions \u003c V9.1 SP1), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions), SIMATIC Route Control V9.1 (All versions), SIMATIC WinCC V15 and earlier (All versions \u003c V15 SP1 Update 7), SIMATIC WinCC V16 (All versions \u003c V16 Update 5), SIMATIC WinCC V17 (All versions \u003c V17 Update 2), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (All versions \u003c V7.5 SP2 Update 5). When downloading files, the affected systems do not properly neutralize special elements within the pathname. An attacker could then cause the pathname to resolve to a location outside of the restricted directory on the server and read unexpected critical files."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en OpenPCS 7 V8.2 (Todas las versiones), OpenPCS 7 V9.0 (Todas las versiones anteriores a la versi\u00f3n a la versi\u00f3n V9.0 Upd4), OpenPCS 7 V9.1 (Todas las versiones), SIMATIC BATCH V8.2 (Todas las versiones), SIMATIC BATCH V9.0 (Todas las versiones), SIMATIC BATCH V9. 1 (Todas las versiones), SIMATIC NET PC Software V14 (Todas las versiones), SIMATIC NET PC Software V15 (Todas las versiones), SIMATIC NET PC Software V16 (Todas las versiones anteriores a la versi\u00f3n a la versi\u00f3n V16 Update 6), SIMATIC NET PC Software V17 (Todas las versiones anteriores a la versi\u00f3n a la versi\u00f3n V17 SP1), SIMATIC PCS 7 V8.2 (Todas las versiones), SIMATIC PCS 7 V9. 0 (Todas las versiones anteriores a la versi\u00f3n a la versi\u00f3n V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (Todas las versiones anteriores a la versi\u00f3n a la versi\u00f3n V9.1 SP1), SIMATIC Route Control V8.2 (Todas las versiones), SIMATIC Route Control V9.0 (Todas las versiones), SIMATIC Route Control V9. 1 (Todas las versiones), SIMATIC WinCC V15 y anteriores (Todas las versiones anteriores a la versi\u00f3n a la versi\u00f3n V15 SP1 Update 7), SIMATIC WinCC V16 (Todas las versiones anteriores a la versi\u00f3n a la versi\u00f3n V16 Update 5), SIMATIC WinCC V17 (Todas las versiones anteriores a la versi\u00f3n a la versi\u00f3n V17 Update 2), SIMATIC WinCC V7.4 (Todas las versiones anteriores a la versi\u00f3n V7.4 SP1 Update 19), SIMATIC WinCC V7.5 (Todas las versiones anteriores a la versi\u00f3n V7.5 SP2 Update 5). Al descargar archivos, los sistemas afectados no neutralizan correctamente los elementos especiales dentro del nombre de la ruta. Un atacante podr\u00eda entonces hacer que el nombre de ruta se resuelva en una ubicaci\u00f3n fuera del directorio restringido en el servidor y leer archivos cr\u00edticos inesperados"
}
],
"id": "CVE-2021-40359",
"lastModified": "2024-11-21T06:23:56.917",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0,
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
},
"published": "2021-11-09T12:15:09.987",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-840188.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-21 15:15
Modified
2024-11-21 06:31
Severity ?
Summary
The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf | Patch, Third Party Advisory | |
| cve@mitre.org | https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf | Patch, Vendor Advisory | |
| cve@mitre.org | https://www.youtube.com/watch?v=qv-RBdCaV4k | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.youtube.com/watch?v=qv-RBdCaV4k | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| opcfoundation | ua-nodeset | * | |
| siemens | simatic_net_pc | 14 | |
| siemens | simatic_net_pc | 15 | |
| siemens | simatic_net_pc | 16 | |
| siemens | simatic_net_pc | 17 | |
| siemens | sitop_manager | - | |
| siemens | telecontrol_server_basic | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:opcfoundation:ua-nodeset:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14F2AA77-409B-48CA-9BBE-6EC6B5BA9EAF",
"versionEndExcluding": "1.05.01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:14:-:*:*:*:*:*:*",
"matchCriteriaId": "298E8F34-346B-4FC5-8690-3F947F585552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:15:-:*:*:*:*:*:*",
"matchCriteriaId": "7DF90C44-4AC2-4B2B-8712-30CD3DE96B22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:16:-:*:*:*:*:*:*",
"matchCriteriaId": "496E3C43-5DA8-4983-8AC6-0F32454E22F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:17:-:*:*:*:*:*:*",
"matchCriteriaId": "AFBD6DDF-917C-44CC-A944-1945DC7AC9FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sitop_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F1ABC40-2C91-4EA9-9442-16E5D7C29E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:telecontrol_server_basic:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "975FC6E7-8FDB-4361-A691-44B26B0CBFD4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference."
},
{
"lang": "es",
"value": "Los stubs de pila ANSI C autogenerados por OPC (en los NodeSets) no manejan todos los casos de error. Esto puede conllevar a una desreferencia de puntero NULL"
}
],
"id": "CVE-2021-45117",
"lastModified": "2024-11-21T06:31:59.667",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-21T15:15:07.927",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.youtube.com/watch?v=qv-RBdCaV4k"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-285795.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2021-45117.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.youtube.com/watch?v=qv-RBdCaV4k"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}