All the vulnerabilites related to siemens - simatic_net_pc_software
Vulnerability from fkie_nvd
Published
2019-04-17 14:29
Modified
2024-11-21 04:46
Severity ?
Summary
A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V2.7), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions < V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions < V1.1.0), SIMATIC RF600R family (All versions < V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.5 < V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions < V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Upd 4), SINEC NMS (All versions < V1.0 SP1), SINEMA Server (All versions < V14 SP2), SINUMERIK OPC UA Server (All versions < V2.1), TeleControl Server Basic (All versions < V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_cp443-1_opc_ua_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D0780D2-8892-490E-9C38-6D1516EBCA76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_cp443-1_opc_ua:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47272AD2-1D05-419E-A6BE-8836DF69FF82",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_et_200_open_controller_cpu_1515sp_pc2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB5AE88-04E5-467E-85E5-D3C0DDA2B21F",
"versionEndExcluding": "2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_et_200_open_controller_cpu_1515sp_pc2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0944C4-8FD7-4B00-85B7-6DB430EAA884",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_ipc_diagmonitor_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91371CD0-EBDF-43C5-A262-A46E1C343716",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_ipc_diagmonitor:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5E06833-4C26-40AC-B6CF-F7D1322462D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_net_pc_software_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77022802-113F-42E7-8FBF-C47BB50E8DA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_net_pc_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7A00F5A-9B28-45FF-8549-290302939DFD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3D41E9-58B3-4251-8710-A8C4A24ABBD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_rf600r_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9523EC09-36C9-41E1-A485-C75819A2DB72",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_rf600r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA55275-691D-4269-93E4-C559C89E3FA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "065D2218-EA10-410E-A49A-C9A259469421",
"versionEndIncluding": "2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30DDEA9B-E1BF-4572-8E12-D13C54603E77",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:opc_unified_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6230C5B0-2F36-4C94-BA28-D36170952423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_s7-1500_software_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "054D17CD-74AF-473E-A3BC-7B69DFB1C04B",
"versionEndIncluding": "2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_oa:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B74D88E-E8D7-4AA9-8B54-CC833E26CEB4",
"versionEndExcluding": "3.15-p018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79EE15DC-74D3-4551-AAD0-EA0CB600DA76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_comfort:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9AE946B-D532-4CEB-B109-C8B951B61E49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_hsp_comfort:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49D722B2-948B-4F11-AD36-E1378BB40403",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "455411C4-037C-47BF-9BD6-AC7F9C2D30F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinec-nms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED63145-9082-4346-871B-DF0A6F91E7F0",
"versionEndExcluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinec-nms:1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "1F6F05DC-0FBA-4D25-A2E6-06D873B3DFAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinema_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C55DA617-6333-40DA-AB7D-EE49A453E143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinumerik_opc_ua_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E31B88B-E743-4DFD-996B-154F7F48C510",
"versionEndExcluding": "2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:telecontrol_server_basic:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2ECBEF2-9B1A-49F8-9850-0AF09BF71ED7",
"versionEndExcluding": "3.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58CCDA0F-F657-4AF8-BE53-A3993C0280B3",
"versionEndIncluding": "2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A255BC06-2776-4111-A525-76B17371B295",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3F162D0-998E-4EC9-BA59-D9B47B07EF69",
"versionEndIncluding": "2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1752A2A-0034-4E00-AAC6-FA15345D7A41",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_s7-1500t_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C47ADAD6-2DDE-49EF-864B-CC9448399E7B",
"versionEndIncluding": "2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_s7-1500t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "741B2C38-174C-49DF-98D8-F7D6F49D1CE5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7299F88D-8885-4871-93E1-CBEFD3156B15",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "F18EA7BD-47D0-4367-8F18-C89239B201E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:upd_1:*:*:*:*:*:*",
"matchCriteriaId": "DE71784C-012F-40EC-82E2-3BE8589F00DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:upd_2:*:*:*:*:*:*",
"matchCriteriaId": "C5A35FDE-C76F-430E-BD15-373F9F30FED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:upd_3:*:*:*:*:*:*",
"matchCriteriaId": "37A6344F-CB58-4CFA-A971-395BFB3FF02B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4830E0D-0128-4E5B-AB81-2B238471AE4B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:upd_1:*:*:*:*:*:*",
"matchCriteriaId": "E949961E-320A-4E25-A0CA-5EBC7DA0AD9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:upd_2:*:*:*:*:*:*",
"matchCriteriaId": "A390DCB7-4511-4931-A34B-BF6A9B84370D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:upd_3:*:*:*:*:*:*",
"matchCriteriaId": "FF5136A8-130C-4121-A250-B4DE5883239E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:upd_1:*:*:*:*:*:*",
"matchCriteriaId": "862B1996-202B-42DF-A7DA-D01CD43C4AB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:upd_2:*:*:*:*:*:*",
"matchCriteriaId": "7AFD3E4C-7125-4FB5-991F-76A31AD61BD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:upd_3:*:*:*:*:*:*",
"matchCriteriaId": "71172F82-C9B6-4DEC-ADCC-F455E72936CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:upd_1:*:*:*:*:*:*",
"matchCriteriaId": "A8CA985F-3678-46F4-BE2E-BDBCCD1BC0FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:upd_2:*:*:*:*:*:*",
"matchCriteriaId": "1A28CC05-0CEA-4221-83CE-4029726F60E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:upd_3:*:*:*:*:*:*",
"matchCriteriaId": "5D612CB7-45A0-44AC-BB96-12AFE2B14CE8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:upd_1:*:*:*:*:*:*",
"matchCriteriaId": "7B0FAB4F-7D95-4FC0-AF59-CCEDC6E22DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:upd_2:*:*:*:*:*:*",
"matchCriteriaId": "5C925AE3-7262-4DDD-803D-D871A66CD2B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:upd_3:*:*:*:*:*:*",
"matchCriteriaId": "E64DEED6-7E6F-4E79-BA4D-2B2E43B2B97D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:upd_1:*:*:*:*:*:*",
"matchCriteriaId": "9429BA23-CB76-4574-B7F8-530882CF704A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:upd_2:*:*:*:*:*:*",
"matchCriteriaId": "3794C871-098D-428F-89EA-ADDEFD4E4A86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:upd_3:*:*:*:*:*:*",
"matchCriteriaId": "386F501D-5C7D-4336-A39D-31B12C5BCB56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V2.7), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions \u003c V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions \u003c V1.1.0), SIMATIC RF600R family (All versions \u003c V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.5 \u003c V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions \u003c V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Upd 4), SINEC NMS (All versions \u003c V1.0 SP1), SINEMA Server (All versions \u003c V14 SP2), SINUMERIK OPC UA Server (All versions \u003c V2.1), TeleControl Server Basic (All versions \u003c V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en SIMATIC CP 443-1 OPC UA (todas las versiones), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incluidas las variantes SIPLUS) (todas las versiones anteriores a V2.7), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026amp; 15\" (incluidas las variantes SIPLUS) (todas las versiones anteriores a V15.1 Upd 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incluidas las variantes SIPLUS) (todas las versiones anteriores a V15. 1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 y KTP900F (Todas las versiones anteriores a V15.1 Upd 4), SIMATIC IPC DiagMonitor (Todas las versiones anteriores a V5.1. 3), SIMATIC NET PC Software V13 (Todas las versiones), SIMATIC NET PC Software V14 (Todas las versiones anteriores a V14 SP1 Update 14), SIMATIC NET PC Software V15 (Todas las versiones), SIMATIC RF188C (Todas las versiones anteriores a V1. 1.0), familia SIMATIC RF600R (Todas las versiones anteriores a V3.2.1), familia de CPUs SIMATIC S7-1500 (incluidas las CPUs ET200 relacionadas y las variantes SIPLUS) (Todas las versiones posteriores o iguales a V2.5 anteriores a V2.6.1), SIMATIC S7-1500 Software Controller (Todas las versiones entre V2.5 (incluida) y V2.7 (excluida)), SIMATIC WinCC OA (Todas las versiones anteriores a V3. 15 P018), SIMATIC WinCC Runtime Advanced (Todas las versiones anteriores a V15.1 Upd 4), SINEC NMS (Todas las versiones anteriores a V1.0 SP1), SINEMA Server (Todas las versiones anteriores a V14 SP2), SINUMERIK OPC UA Server (Todas las versiones anteriores a V2.1), TeleControl Server Basic (Todas las versiones anteriores a V3.1.1). Los paquetes de red especialmente dise\u00f1ados que se env\u00edan a los dispositivos afectados en el puerto 4840/tcp podr\u00edan permitir a un atacante remoto no autenticado provocar una condici\u00f3n de denegaci\u00f3n de servicio de la comunicaci\u00f3n OPC o bloquear el dispositivo. La vulnerabilidad de seguridad podr\u00eda ser explotada por un atacante con acceso a la red de los sistemas afectados. La explotaci\u00f3n exitosa no requiere privilegios del sistema ni interacci\u00f3n del usuario. Un atacante podr\u00eda utilizar la vulnerabilidad para comprometer la disponibilidad de la comunicaci\u00f3n OPC"
}
],
"id": "CVE-2019-6575",
"lastModified": "2024-11-21T04:46:43.960",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-17T14:29:03.760",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-248"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-24 17:29
Modified
2024-11-21 04:07
Severity ?
Summary
A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions < V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions < V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions < V8.2 Upd10), SIMATIC BATCH V9.0 (All versions < V9.0 SP1), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions < 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions < WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions < WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html | Third Party Advisory, VDB Entry | |
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf | Mitigation, Vendor Advisory | |
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:openpcs_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CDCCD5-E4C7-4E52-8316-07F93E820842",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:openpcs_7:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63F01837-6121-48E3-A18C-691AAC2800BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:openpcs_7:8.1:-:*:*:*:*:*:*",
"matchCriteriaId": "781DC7D3-D470-465E-8E0A-9978CB2A6454",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:openpcs_7:8.1:upd_1:*:*:*:*:*:*",
"matchCriteriaId": "726E5A2D-97EA-415A-A251-66A975B3F98C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:openpcs_7:8.1:upd_2:*:*:*:*:*:*",
"matchCriteriaId": "ED9B2A87-0C1E-476E-AF7E-71EAB0CECEF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:openpcs_7:8.1:upd_3:*:*:*:*:*:*",
"matchCriteriaId": "20D3788F-FD9E-4A0F-A7C7-843B1ED67D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:openpcs_7:8.1:upd_4:*:*:*:*:*:*",
"matchCriteriaId": "F8186041-B1D6-4460-ACA7-23494D1F0E7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:openpcs_7:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF8FF2D9-B31F-46DC-AF37-E0314F3D0B32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:openpcs_7:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3890EC18-2B5D-4B5A-8B21-6A0D1211EA98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9E94E0B9-2950-42CA-837E-7900F820A9F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "2C782AC7-6EAB-4F35-A646-52A4AC77E1D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:8.0:sp1_upd20:*:*:*:*:*:*",
"matchCriteriaId": "3C509A97-9DD2-413A-A7ED-B30FD9E5C98F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:8.1:-:*:*:*:*:*:*",
"matchCriteriaId": "EE12DBC8-CD75-4517-BD3B-709E98B4D280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:8.1:sp1_upd14:*:*:*:*:*:*",
"matchCriteriaId": "38894CBB-44DA-4690-B762-4AA497C95037",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:8.1:sp1_upd15:*:*:*:*:*:*",
"matchCriteriaId": "59178885-4A50-4AC6-A3BE-B288A1F6B5F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:8.2:-:*:*:*:*:*:*",
"matchCriteriaId": "4CAFD7F2-BB23-4E3A-A30E-78290D5EAB47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:8.2:upd_9:*:*:*:*:*:*",
"matchCriteriaId": "F043FAC3-661C-4226-AA70-7EF836DDBA55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_batch:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4E1EFC3E-F29B-48C5-869C-F356414C8088",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C06726E-497A-4FEF-8B4B-AF3F7B0EEFA4",
"versionEndExcluding": "15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:15:-:*:*:*:*:*:*",
"matchCriteriaId": "7DF90C44-4AC2-4B2B-8712-30CD3DE96B22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DFBFF6B-DBC8-451D-A235-4C7E1F0883D5",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3566C20F-A4A7-494F-AAD2-A11B0AD783D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "858628AC-EA69-4D72-AE23-77A4A8DE2547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:8.2:-:*:*:*:*:*:*",
"matchCriteriaId": "3EEF9BE1-F6E2-4C05-8020-4D7540882464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A42E3FB0-6C66-4702-BDC8-39EEA54B5C0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_route_control:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20927394-2126-48C5-B0D5-88E16B6491DA",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_route_control:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACF395C1-AA95-4064-BDEF-9B3C30FF6B29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_route_control:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF693D1E-091C-4CBE-957C-58C47B4E44D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_route_control:9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "57073CE8-174E-429D-A721-AB14C7D16D4F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6AAE5EBD-1B43-447D-8C19-9D3296F137F9",
"versionEndExcluding": "13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:13:-:*:*:*:*:*:*",
"matchCriteriaId": "00B0EEF6-E1F9-4AEB-82AA-445D161639D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:13:sp2_upd_1:*:*:*:*:*:*",
"matchCriteriaId": "DB8D7040-0223-413F-B87F-3417CFA50BB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:14:-:*:*:*:*:*:*",
"matchCriteriaId": "17F622A5-75AE-4E5C-80CB-53C39EAE356D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_professional:14:sp1_upd_4:*:*:*:*:*:*",
"matchCriteriaId": "8D2F5FA7-6B23-413C-AF6D-CA95EDA59212",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C72CD2-86C8-4E79-AF98-A3D58E882DED",
"versionEndExcluding": "7.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.2:-:*:*:*:*:*:*",
"matchCriteriaId": "EF42322A-1E6E-44F6-B943-DC56E87F80D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.2:upd_14:*:*:*:*:*:*",
"matchCriteriaId": "A54099D6-1E2E-4DC5-98FD-6004758C581A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.3:-:*:*:*:*:*:*",
"matchCriteriaId": "AE3690D0-60A7-4E52-A36A-ADBA01F8D99F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.3:upd_15:*:*:*:*:*:*",
"matchCriteriaId": "98174EBE-EC43-431C-B943-11B21A167A79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:-:*:*:*:*:*:*",
"matchCriteriaId": "3B0BD5DE-C6EF-4B89-831B-DA34DB0D68F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2637C346-8AAF-481F-AFB0-BAD4254D14F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:sp1_upd_3:*:*:*:*:*:*",
"matchCriteriaId": "9A699260-A239-46BE-BF64-A767D4F267FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:sppa-t3000_application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE233B0-3F20-4FA8-8E26-CCC3E21E49E1",
"versionEndExcluding": "r8.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sppa-t3000_application_server:r8.2:-:*:*:*:*:*:*",
"matchCriteriaId": "4EBA7673-3A24-4DF7-9D9C-4B863863083C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sppa-t3000_application_server:r8.2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D0975E8C-C34F-4BD2-B4CF-41E5FBFD8A12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C06726E-497A-4FEF-8B4B-AF3F7B0EEFA4",
"versionEndExcluding": "15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc:15:-:*:*:*:*:*:*",
"matchCriteriaId": "7DF90C44-4AC2-4B2B-8712-30CD3DE96B22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A28DF82-4863-47FA-82FF-C3D63CFB1782",
"versionEndExcluding": "14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions \u003c V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions \u003c V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions \u003c V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions \u003c V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions \u003c V8.2 Upd10), SIMATIC BATCH V9.0 (All versions \u003c V9.0 SP1), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions \u003c 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions \u003c V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions \u003c WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions \u003c WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions \u003c Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en OpenPCS 7 V7.1 y anteriores (Todas las versiones), OpenPCS 7 V8.0 (Todas las versiones), OpenPCS 7 V8.1 (Todas las versiones anteriores a V8.1 Upd5), OpenPCS 7 V8. 2 (Todas las versiones), OpenPCS 7 V9.0 (Todas las versiones anteriores a V9.0 Upd1), SIMATIC BATCH V7.1 y anteriores (Todas las versiones), SIMATIC BATCH V8.0 (Todas las versiones anteriores a V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (Todas las versiones anteriores a V8. 1 SP1 Upd16), SIMATIC BATCH V8.2 (Todas las versiones anteriores a V8.2 Upd10), SIMATIC BATCH V9.0 (Todas las versiones anteriores a V9.0 SP1), SIMATIC NET PC Software V14 (Todas las versiones anteriores a V14 SP1 Update 14), SIMATIC NET PC Software V15 (Todas las versiones anteriores a 15 SP1), SIMATIC PCS 7 V7. 1 y anteriores (Todas las versiones), SIMATIC PCS 7 V8.0 (Todas las versiones), SIMATIC PCS 7 V8.1 (Todas las versiones), SIMATIC PCS 7 V8. 2 (Todas las versiones anteriores a V8.2 SP1), SIMATIC PCS 7 V9.0 (Todas las versiones anteriores a V9.0 SP1), SIMATIC Route Control V7.1 y anteriores (Todas las versiones), SIMATIC Route Control V8.0 (Todas las versiones), SIMATIC Route Control V8.1 (Todas las versiones), SIMATIC Route Control V8.2 (Todas las versiones), SIMATIC Route Control V9.0 (Todas las versiones anteriores a V9. 0 Upd1), SIMATIC WinCC Runtime Professional V13 (Todas las versiones anteriores a V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (Todas las versiones anteriores a V14 SP1 Upd5), SIMATIC WinCC V7.2 y anteriores (Todas las versiones anteriores a WinCC 7. 2 Upd 15), SIMATIC WinCC V7.3 (Todas las versiones anteriores a WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (Todas las versiones anteriores a V7.4 SP1 Upd 4), SPPA-T3000 Application Server (Todas las versiones anteriores a Service Pack R8.2 SP2). Los mensajes especialmente dise\u00f1ados enviados al servicio RPC de los productos afectados podr\u00edan causar una condici\u00f3n de denegaci\u00f3n de servicio en la funcionalidad de comunicaci\u00f3n remota y local de los productos afectados. Es necesario reiniciar el sistema para recuperar la funcionalidad de comunicaci\u00f3n remota y local. Tenga en cuenta que un atacante necesita tener acceso a la red del servidor de aplicaciones para poder explotar esta vulnerabilidad. En el momento de la publicaci\u00f3n del aviso no se conoc\u00eda ninguna explotaci\u00f3n p\u00fablica de esta vulnerabilidad de seguridad"
}
],
"id": "CVE-2018-4832",
"lastModified": "2024-11-21T04:07:32.557",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-24T17:29:00.227",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html"
},
{
"source": "productcert@siemens.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf"
},
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-13 09:15
Modified
2024-11-21 07:56
Severity ?
3.9 (Low) - CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC (All versions < V8.0), SINAUT Software ST7sc (All versions). Before SIMATIC WinCC V8, legacy OPC services (OPC DA (Data Access), OPC HDA (Historical Data Access), and OPC AE (Alarms & Events)) were used per default. These
services were designed on top of the Windows ActiveX and DCOM mechanisms and do not implement state-of-the-art security mechanisms for authentication and encryption of contents.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/pdf/ssa-508677.pdf | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-508677.pdf | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | simatic_net_pc_software | 14.0 | |
| siemens | simatic_net_pc_software | 15.0 | |
| siemens | simatic_pcs_7 | 8.2 | |
| siemens | simatic_pcs_7 | 9.0 | |
| siemens | simatic_pcs_7 | 9.1 | |
| siemens | simatic_wincc | * | |
| siemens | sinaut_st7sc | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc_software:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "34A1F08A-1269-44F0-8B10-70A41F9306B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc_software:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79A56438-47FC-4184-9401-0B859037D0F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:8.2:-:*:*:*:*:*:*",
"matchCriteriaId": "3EEF9BE1-F6E2-4C05-8020-4D7540882464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A42E3FB0-6C66-4702-BDC8-39EEA54B5C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "0D25510C-F677-4A98-806C-FF644F11EEC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7E53AD8-C669-4E1F-9519-4DED57668766",
"versionEndExcluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinaut_st7sc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C162C7-AC9A-44E3-BAE5-1C0D434F264B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC (All versions \u003c V8.0), SINAUT Software ST7sc (All versions). Before SIMATIC WinCC V8, legacy OPC services (OPC DA (Data Access), OPC HDA (Historical Data Access), and OPC AE (Alarms \u0026 Events)) were used per default. These\r\nservices were designed on top of the Windows ActiveX and DCOM mechanisms and do not implement state-of-the-art security mechanisms for authentication and encryption of contents."
}
],
"id": "CVE-2023-28829",
"lastModified": "2024-11-21T07:56:06.343",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 3.4,
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-13T09:15:16.707",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-508677.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-508677.pdf"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-477"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-11-15 19:30
Modified
2024-11-21 02:57
Severity ?
Summary
A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path ("C:\Program Files\*" or the localized equivalent).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html | Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/94158 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf | ||
| cve@mitre.org | https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94158 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02 | Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:primary_setup_tool:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8046A64D-4C80-4199-B1A7-F77D02428ACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:security_configuration_tool:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C33765E4-619E-4566-BF96-4A7C8776A0CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_it_production_suite:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBCAF7A5-CA65-4D88-8473-67947726CA2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_net_pc_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87DF85DE-B86C-459A-A9A9-096AF7A661E6",
"versionEndIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DFBFF6B-DBC8-451D-A235-4C7E1F0883D5",
"versionEndIncluding": "7.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs7:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B894F4-9635-4436-BC0A-E43280426017",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs7:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "172A6A81-C32E-4ACC-AB8C-2014BF3A6901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_pcs7:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6E8BBF-C5FF-4F13-AC70-2FF41CF3CC8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7:*:sp4:*:*:*:*:*:*",
"matchCriteriaId": "C60C6533-1875-4E5B-A367-F6C1C1345CCF",
"versionEndIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_step_7_\\(tia_portal\\):*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4053231-D271-4A23-B0A0-374F6EAE2EF8",
"versionEndIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_winac_rtx_2010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD93D757-C2DE-444C-9FF4-A7A700EFF7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_winac_rtx_f_2010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "042D7AB5-8DB7-478E-8CB8-31942D360B34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "B9D3442E-E362-49BA-8699-629A611A6E2E",
"versionEndIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "0D0BB2E6-1444-499A-943E-8D19C402F1BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C4BFBED-E818-453C-B787-22D67B4A5A29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8D6229A2-9B8E-4F76-8425-589D2CE58B16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F64B795A-7E66-49AE-BE40-E8EEAC12D280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:advanced:*:*:*",
"matchCriteriaId": "882F53D9-7AAA-4647-B071-A45CA2618AA1",
"versionEndIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:basic:*:*:*",
"matchCriteriaId": "F4524CA7-833B-4577-A5E5-DB47704F49AF",
"versionEndIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):*:*:*:*:comfort:*:*:*",
"matchCriteriaId": "58782A2B-6A27-475A-9FAB-0272DED5DB40",
"versionEndIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_\\(tia_portal\\):-:*:*:*:professional:*:*:*",
"matchCriteriaId": "D9BA6A34-593E-466A-B11B-1E2DC890ECF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime:-:*:*:*:professional:*:*:*",
"matchCriteriaId": "E6BFBAED-EE2B-4DE4-A76C-824DD15F4608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:simit:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "939DE56D-D8D7-42B8-BC0C-D6727E99AFA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinema_remote_connect:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9646F056-080A-4F45-AABD-4D6E8AF05148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sinema_server:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "3F8B6E52-C339-41B9-A2C1-A6D161251648",
"versionEndIncluding": "13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:softnet_security_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18BFF869-4E4E-4410-91F7-56A7E959C0FE",
"versionEndIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:telecontrol_basic:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "A9386816-33A5-4DA7-931B-841AAE40E3BE",
"versionEndIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Primary Setup Tool (PST) (All versions \u003c V4.2 HF1), SIMATIC IT Production Suite (All versions \u003c V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions \u003c V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions \u003c V13 SP2), SIMATIC STEP 7 V5.X (All versions \u003c V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions \u003c V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions \u003c V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions \u003c V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions \u003c V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions \u003c V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions \u003c V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1), SIMIT V9.0 (All versions \u003c V9.0 SP1), SINEMA Remote Connect Client (All versions \u003c V1.0 SP3), SINEMA Server (All versions \u003c V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions \u003c V4.3 HF1), TeleControl Server Basic (All versions \u003c V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path (\"C:\\Program Files\\*\" or the localized equivalent)."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en Primary Setup Tool (PST) (todas las versiones anteriores a V4.2 HF1), SIMATIC IT Production Suite (todas las versiones anteriores a V7.0 SP1 HFX 2), SIMATIC NET PC-Software (Todas las versiones anteriores a V14), SIMATIC PCS 7 versi\u00f3n V7.1 (Todas las versiones), SIMATIC PCS 7 versi\u00f3n V8.0 (Todas las versiones), SIMATIC PCS 7 versi\u00f3n V8.1 (Todas las versiones),SIMATIC PCS 7 versi\u00f3n V8.2 (Todas las versiones anteriores a V8.2 SP1), SIMATIC STEP 7 (TIA Portal) versi\u00f3n V13 (Todas las versiones anteriores a V13 SP2), SIMATIC STEP 7 versiones V5.X (Todas las versiones anteriores a V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (Todas las versiones anteriores a V14), SIMATIC WinCC (TIA Portal) Professional versi\u00f3n V13 (Todas las versiones anteriores a V13 SP2), SIMATIC WinCC (TIA Portal) Professional versi\u00f3n V14 (Todas las versiones anteriores a V14 SP1), SIMATIC WinCC Runtime Professional versi\u00f3n V13 (Todas las versiones anteriores a V13 SP2), SIMATIC WinCC Runtime Professional versi\u00f3n V14 (Todas las versiones anteriores a V14 SP1), SIMATIC WinCC versi\u00f3n V7.0 SP2 y anteriores (Todas las versiones anteriores a V7.0 SP2 Upd 12), SIMATIC WinCC versi\u00f3n V7.0 SP3 (Todas las versiones anteriores a V7.0 SP3 Upd 8), SIMATIC WinCC versi\u00f3n V7.2 (Todas las versiones anteriores a V7.2 Upd 14), SIMATIC WinCC versi\u00f3n V7.3 (Todas las versiones anteriores a V7.3 Upd 11), SIMATIC WinCC versi\u00f3n V7.4 (Todas las versiones anteriores a V7.4 SP1), SIMIT versi\u00f3n V9.0 (Todas las versiones anteriores a V9.0 SP1), SINEMA Remote Connect Client (Todas las versiones anteriores a V1.0 SP3), SINEMA Server (Todas las versiones anteriores a V13 SP2), SOFTNET Security Client versi\u00f3n V5.0 (Todas las versiones), Security Configuration Tool (SCT) (Todas las versiones anteriores a V4.3 HF1), TeleControl Server Basic (Todas las versiones anteriores a V3.0 SP2), WinAC RTX 2010 SP2 (Todas las versiones), WinAC RTX F 2010 SP2 (Todas las versiones). Las rutas (path) de servicio sin comillas podr\u00edan permitir que los usuarios locales del sistema operativo Microsoft Windows aumenten sus privilegios si los productos afectados no est\u00e1n instalados en su ruta (path) de acceso predeterminada (\"C:\\Program Files\\*\" o el equivalente localizado)."
}
],
"id": "CVE-2016-7165",
"lastModified": "2024-11-21T02:57:37.740",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-11-15T19:30:02.797",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94158"
},
{
"source": "cve@mitre.org",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94158"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-254"
},
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2019-6575
Vulnerability from cvelistv5
Published
2019-04-17 13:40
Modified
2024-08-04 20:23
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V2.7), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants) (All versions < V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions < V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions < V1.1.0), SIMATIC RF600R family (All versions < V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.5 < V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions < V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions < V15.1 Upd 4), SINEC NMS (All versions < V1.0 SP1), SINEMA Server (All versions < V14 SP2), SINUMERIK OPC UA Server (All versions < V2.1), TeleControl Server Basic (All versions < V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:23:22.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SIMATIC CP 443-1 OPC UA",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.7"
}
]
},
{
"product": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Upd 4"
}
]
},
{
"product": "SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Upd 4"
}
]
},
{
"product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Upd 4"
}
]
},
{
"product": "SIMATIC IPC DiagMonitor",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.1.3"
}
]
},
{
"product": "SIMATIC NET PC Software V13",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC NET PC Software V14",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14 SP1 Update 14"
}
]
},
{
"product": "SIMATIC NET PC Software V15",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC RF188C",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.1.0"
}
]
},
{
"product": "SIMATIC RF600R family",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.2.1"
}
]
},
{
"product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.5 \u003c V2.6.1"
}
]
},
{
"product": "SIMATIC S7-1500 Software Controller",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions between V2.5 (including) and V2.7 (excluding)"
}
]
},
{
"product": "SIMATIC WinCC OA",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.15 P018"
}
]
},
{
"product": "SIMATIC WinCC Runtime Advanced",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V15.1 Upd 4"
}
]
},
{
"product": "SINEC NMS",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V1.0 SP1"
}
]
},
{
"product": "SINEMA Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14 SP2"
}
]
},
{
"product": "SINUMERIK OPC UA Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V2.1"
}
]
},
{
"product": "TeleControl Server Basic",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V2.7), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions \u003c V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions \u003c V1.1.0), SIMATIC RF600R family (All versions \u003c V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.5 \u003c V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions \u003c V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Upd 4), SINEC NMS (All versions \u003c V1.0 SP1), SINEMA Server (All versions \u003c V14 SP2), SINUMERIK OPC UA Server (All versions \u003c V2.1), TeleControl Server Basic (All versions \u003c V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "CWE-248: Uncaught Exception",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-10T11:16:36",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2019-6575",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SIMATIC CP 443-1 OPC UA",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.7"
}
]
}
},
{
"product_name": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V15.1 Upd 4"
}
]
}
},
{
"product_name": "SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V15.1 Upd 4"
}
]
}
},
{
"product_name": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V15.1 Upd 4"
}
]
}
},
{
"product_name": "SIMATIC IPC DiagMonitor",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V5.1.3"
}
]
}
},
{
"product_name": "SIMATIC NET PC Software V13",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC NET PC Software V14",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V14 SP1 Update 14"
}
]
}
},
{
"product_name": "SIMATIC NET PC Software V15",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC RF188C",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V1.1.0"
}
]
}
},
{
"product_name": "SIMATIC RF600R family",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.2.1"
}
]
}
},
{
"product_name": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
"version": {
"version_data": [
{
"version_value": "All versions \u003e= V2.5 \u003c V2.6.1"
}
]
}
},
{
"product_name": "SIMATIC S7-1500 Software Controller",
"version": {
"version_data": [
{
"version_value": "All versions between V2.5 (including) and V2.7 (excluding)"
}
]
}
},
{
"product_name": "SIMATIC WinCC OA",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.15 P018"
}
]
}
},
{
"product_name": "SIMATIC WinCC Runtime Advanced",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V15.1 Upd 4"
}
]
}
},
{
"product_name": "SINEC NMS",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V1.0 SP1"
}
]
}
},
{
"product_name": "SINEMA Server",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V14 SP2"
}
]
}
},
{
"product_name": "SINUMERIK OPC UA Server",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V2.1"
}
]
}
},
{
"product_name": "TeleControl Server Basic",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V3.1.1"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions \u003c V2.7), SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants) (All versions \u003c V15.1 Upd 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions \u003c V15.1 Upd 4), SIMATIC IPC DiagMonitor (All versions \u003c V5.1.3), SIMATIC NET PC Software V13 (All versions), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions), SIMATIC RF188C (All versions \u003c V1.1.0), SIMATIC RF600R family (All versions \u003c V3.2.1), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions \u003e= V2.5 \u003c V2.6.1), SIMATIC S7-1500 Software Controller (All versions between V2.5 (including) and V2.7 (excluding)), SIMATIC WinCC OA (All versions \u003c V3.15 P018), SIMATIC WinCC Runtime Advanced (All versions \u003c V15.1 Upd 4), SINEC NMS (All versions \u003c V1.0 SP1), SINEMA Server (All versions \u003c V14 SP2), SINUMERIK OPC UA Server (All versions \u003c V2.1), TeleControl Server Basic (All versions \u003c V3.1.1). Specially crafted network packets sent to affected devices on port 4840/tcp could allow an unauthenticated remote attacker to cause a denial of service condition of the OPC communication or crash the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the OPC communication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-248: Uncaught Exception"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-307392.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2019-6575",
"datePublished": "2019-04-17T13:40:24",
"dateReserved": "2019-01-22T00:00:00",
"dateUpdated": "2024-08-04T20:23:22.041Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-28829
Vulnerability from cvelistv5
Published
2023-06-13 08:17
Modified
2025-01-03 01:52
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC (All versions < V8.0), SINAUT Software ST7sc (All versions). Before SIMATIC WinCC V8, legacy OPC services (OPC DA (Data Access), OPC HDA (Historical Data Access), and OPC AE (Alarms & Events)) were used per default. These
services were designed on top of the Windows ActiveX and DCOM mechanisms and do not implement state-of-the-art security mechanisms for authentication and encryption of contents.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | SIMATIC NET PC Software V14 |
Version: All versions |
||||||||||||||||||||||||
|
|||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.624Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-508677.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28829",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-03T01:45:58.400145Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-03T01:52:55.603Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC NET PC Software V14",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC NET PC Software V15",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 V8.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 V9.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC PCS 7 V9.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC WinCC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V8.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAUT Software ST7sc",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC NET PC Software V14 (All versions), SIMATIC NET PC Software V15 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC (All versions \u003c V8.0), SINAUT Software ST7sc (All versions). Before SIMATIC WinCC V8, legacy OPC services (OPC DA (Data Access), OPC HDA (Historical Data Access), and OPC AE (Alarms \u0026 Events)) were used per default. These\r\nservices were designed on top of the Windows ActiveX and DCOM mechanisms and do not implement state-of-the-art security mechanisms for authentication and encryption of contents."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-477",
"description": "CWE-477: Use of Obsolete Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-13T08:17:07.989Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-508677.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-28829",
"datePublished": "2023-06-13T08:17:07.989Z",
"dateReserved": "2023-03-24T15:17:29.558Z",
"dateUpdated": "2025-01-03T01:52:55.603Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-7165
Vulnerability from cvelistv5
Published
2016-11-15 19:00
Modified
2024-08-06 01:50
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in Primary Setup Tool (PST) (All versions < V4.2 HF1), SIMATIC IT Production Suite (All versions < V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions < V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions < V13 SP2), SIMATIC STEP 7 V5.X (All versions < V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions < V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions < V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions < V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions < V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions < V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions < V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions < V7.4 SP1), SIMIT V9.0 (All versions < V9.0 SP1), SINEMA Remote Connect Client (All versions < V1.0 SP3), SINEMA Server (All versions < V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions < V4.3 HF1), TeleControl Server Basic (All versions < V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path ("C:\Program Files\*" or the localized equivalent).
References
| ▼ | URL | Tags |
|---|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02 | x_refsource_MISC | |
| http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html | x_refsource_MISC | |
| http://www.securityfocus.com/bid/94158 | vdb-entry, x_refsource_BID | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:47.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html"
},
{
"name": "94158",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94158"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Primary Setup Tool (PST) (All versions \u003c V4.2 HF1), SIMATIC IT Production Suite (All versions \u003c V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions \u003c V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions \u003c V13 SP2), SIMATIC STEP 7 V5.X (All versions \u003c V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions \u003c V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions \u003c V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions \u003c V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions \u003c V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions \u003c V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions \u003c V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1), SIMIT V9.0 (All versions \u003c V9.0 SP1), SINEMA Remote Connect Client (All versions \u003c V1.0 SP3), SINEMA Server (All versions \u003c V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions \u003c V4.3 HF1), TeleControl Server Basic (All versions \u003c V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path (\"C:\\Program Files\\*\" or the localized equivalent)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-14T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html"
},
{
"name": "94158",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94158"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7165",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Primary Setup Tool (PST) (All versions \u003c V4.2 HF1), SIMATIC IT Production Suite (All versions \u003c V7.0 SP1 HFX 2), SIMATIC NET PC-Software (All versions \u003c V14), SIMATIC PCS 7 V7.1 (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1), SIMATIC STEP 7 (TIA Portal) V13 (All versions \u003c V13 SP2), SIMATIC STEP 7 V5.X (All versions \u003c V5.5 SP4 HF11), SIMATIC WinCC (TIA Portal) Basic, Comfort, Advanced (All versions \u003c V14), SIMATIC WinCC (TIA Portal) Professional V13 (All versions \u003c V13 SP2), SIMATIC WinCC (TIA Portal) Professional V14 (All versions \u003c V14 SP1), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1), SIMATIC WinCC V7.0 SP2 and earlier versions (All versions \u003c V7.0 SP2 Upd 12), SIMATIC WinCC V7.0 SP3 (All versions \u003c V7.0 SP3 Upd 8), SIMATIC WinCC V7.2 (All versions \u003c V7.2 Upd 14), SIMATIC WinCC V7.3 (All versions \u003c V7.3 Upd 11), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1), SIMIT V9.0 (All versions \u003c V9.0 SP1), SINEMA Remote Connect Client (All versions \u003c V1.0 SP3), SINEMA Server (All versions \u003c V13 SP2), SOFTNET Security Client V5.0 (All versions), Security Configuration Tool (SCT) (All versions \u003c V4.3 HF1), TeleControl Server Basic (All versions \u003c V3.0 SP2), WinAC RTX 2010 SP2 (All versions), WinAC RTX F 2010 SP2 (All versions). Unquoted service paths could allow local Microsoft Windows operating system users to escalate their privileges if the affected products are not installed under their default path (\"C:\\Program Files\\*\" or the localized equivalent)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-313-02"
},
{
"name": "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html",
"refsource": "MISC",
"url": "http://securityaffairs.co/wordpress/53266/security/cve-2016-7165-siemens.html"
},
{
"name": "94158",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94158"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-701708.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-7165",
"datePublished": "2016-11-15T19:00:00",
"dateReserved": "2016-09-08T00:00:00",
"dateUpdated": "2024-08-06T01:50:47.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-4832
Vulnerability from cvelistv5
Published
2018-04-24 17:00
Modified
2024-08-05 05:18
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions < V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions < V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions < V8.2 Upd10), SIMATIC BATCH V9.0 (All versions < V9.0 SP1), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions < 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions < WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions < WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.
References
| ▼ | URL | Tags |
|---|---|---|
| https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf | x_refsource_MISC | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf | x_refsource_MISC | |
| http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | OpenPCS 7 V7.1 and earlier |
Version: All versions |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:18:26.633Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OpenPCS 7 V7.1 and earlier",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "OpenPCS 7 V8.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "OpenPCS 7 V8.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V8.1 Upd5"
}
]
},
{
"product": "OpenPCS 7 V8.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "OpenPCS 7 V9.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V9.0 Upd1"
}
]
},
{
"product": "SIMATIC BATCH V7.1 and earlier",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC BATCH V8.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V8.0 SP1 Upd21"
}
]
},
{
"product": "SIMATIC BATCH V8.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V8.1 SP1 Upd16"
}
]
},
{
"product": "SIMATIC BATCH V8.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V8.2 Upd10"
}
]
},
{
"product": "SIMATIC BATCH V9.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V9.0 SP1"
}
]
},
{
"product": "SIMATIC NET PC Software V14",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14 SP1 Update 14"
}
]
},
{
"product": "SIMATIC NET PC Software V15",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c 15 SP1"
}
]
},
{
"product": "SIMATIC PCS 7 V7.1 and earlier",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC PCS 7 V8.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC PCS 7 V8.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC PCS 7 V8.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V8.2 SP1"
}
]
},
{
"product": "SIMATIC PCS 7 V9.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V9.0 SP1"
}
]
},
{
"product": "SIMATIC Route Control V7.1 and earlier",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC Route Control V8.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC Route Control V8.1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC Route Control V8.2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"product": "SIMATIC Route Control V9.0",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V9.0 Upd1"
}
]
},
{
"product": "SIMATIC WinCC Runtime Professional V13",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13 SP2 Upd2"
}
]
},
{
"product": "SIMATIC WinCC Runtime Professional V14",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V14 SP1 Upd5"
}
]
},
{
"product": "SIMATIC WinCC V7.2 and earlier",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c WinCC 7.2 Upd 15"
}
]
},
{
"product": "SIMATIC WinCC V7.3",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c WinCC 7.3 Upd 16"
}
]
},
{
"product": "SIMATIC WinCC V7.4",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V7.4 SP1 Upd 4"
}
]
},
{
"product": "SPPA-T3000 Application Server",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c Service Pack R8.2 SP2"
}
]
}
],
"datePublic": "2018-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions \u003c V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions \u003c V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions \u003c V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions \u003c V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions \u003c V8.2 Upd10), SIMATIC BATCH V9.0 (All versions \u003c V9.0 SP1), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions \u003c 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions \u003c V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions \u003c WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions \u003c WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions \u003c Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-12T09:06:48",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2018-4832",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OpenPCS 7 V7.1 and earlier",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "OpenPCS 7 V8.0",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "OpenPCS 7 V8.1",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V8.1 Upd5"
}
]
}
},
{
"product_name": "OpenPCS 7 V8.2",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "OpenPCS 7 V9.0",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V9.0 Upd1"
}
]
}
},
{
"product_name": "SIMATIC BATCH V7.1 and earlier",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC BATCH V8.0",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V8.0 SP1 Upd21"
}
]
}
},
{
"product_name": "SIMATIC BATCH V8.1",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V8.1 SP1 Upd16"
}
]
}
},
{
"product_name": "SIMATIC BATCH V8.2",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V8.2 Upd10"
}
]
}
},
{
"product_name": "SIMATIC BATCH V9.0",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V9.0 SP1"
}
]
}
},
{
"product_name": "SIMATIC NET PC Software V14",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V14 SP1 Update 14"
}
]
}
},
{
"product_name": "SIMATIC NET PC Software V15",
"version": {
"version_data": [
{
"version_value": "All versions \u003c 15 SP1"
}
]
}
},
{
"product_name": "SIMATIC PCS 7 V7.1 and earlier",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC PCS 7 V8.0",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC PCS 7 V8.1",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC PCS 7 V8.2",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V8.2 SP1"
}
]
}
},
{
"product_name": "SIMATIC PCS 7 V9.0",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V9.0 SP1"
}
]
}
},
{
"product_name": "SIMATIC Route Control V7.1 and earlier",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC Route Control V8.0",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC Route Control V8.1",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC Route Control V8.2",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
},
{
"product_name": "SIMATIC Route Control V9.0",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V9.0 Upd1"
}
]
}
},
{
"product_name": "SIMATIC WinCC Runtime Professional V13",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V13 SP2 Upd2"
}
]
}
},
{
"product_name": "SIMATIC WinCC Runtime Professional V14",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V14 SP1 Upd5"
}
]
}
},
{
"product_name": "SIMATIC WinCC V7.2 and earlier",
"version": {
"version_data": [
{
"version_value": "All versions \u003c WinCC 7.2 Upd 15"
}
]
}
},
{
"product_name": "SIMATIC WinCC V7.3",
"version": {
"version_data": [
{
"version_value": "All versions \u003c WinCC 7.3 Upd 16"
}
]
}
},
{
"product_name": "SIMATIC WinCC V7.4",
"version": {
"version_data": [
{
"version_value": "All versions \u003c V7.4 SP1 Upd 4"
}
]
}
},
{
"product_name": "SPPA-T3000 Application Server",
"version": {
"version_data": [
{
"version_value": "All versions \u003c Service Pack R8.2 SP2"
}
]
}
}
]
},
"vendor_name": "Siemens"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions \u003c V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions \u003c V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions \u003c V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions \u003c V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions \u003c V8.2 Upd10), SIMATIC BATCH V9.0 (All versions \u003c V9.0 SP1), SIMATIC NET PC Software V14 (All versions \u003c V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions \u003c 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions \u003c V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions \u003c V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions \u003c V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions \u003c V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions \u003c V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions \u003c WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions \u003c WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions \u003c V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions \u003c Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-451445.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-348629.pdf"
},
{
"name": "http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155665/Siemens-Security-Advisory-SPPA-T3000-Code-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2018-4832",
"datePublished": "2018-04-24T17:00:00",
"dateReserved": "2018-01-02T00:00:00",
"dateUpdated": "2024-08-05T05:18:26.633Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}