All the vulnerabilites related to siemens - simatic_rf186c_firmware
cve-2024-37992
Vulnerability from cvelistv5
Published
2024-09-10 09:36
Modified
2024-09-10 15:08
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected devices does not properly handle the error in case of exceeding characters while setting SNMP leading to the restart of the application.
Impacted products
Vendor Product Version
Siemens SIMATIC Reader RF610R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF610R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF615R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF615R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF615R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF650R ARIB Version: 0   < V4.2
Siemens SIMATIC Reader RF650R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF650R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF650R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF680R ARIB Version: 0   < V4.2
Siemens SIMATIC Reader RF680R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF680R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF680R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF685R ARIB Version: 0   < V4.2
Siemens SIMATIC Reader RF685R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF685R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF685R FCC Version: 0   < V4.2
Siemens SIMATIC RF1140R Version: 0   < V1.1
Siemens SIMATIC RF1170R Version: 0   < V1.1
Siemens SIMATIC RF166C Version: 0   < V2.2
Siemens SIMATIC RF185C Version: 0   < V2.2
Siemens SIMATIC RF186C Version: 0   < V2.2
Siemens SIMATIC RF186CI Version: 0   < V2.2
Siemens SIMATIC RF188C Version: 0   < V2.2
Siemens SIMATIC RF188CI Version: 0   < V2.2
Siemens SIMATIC RF360R Version: 0   < V2.2
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-37992",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:04:53.594332Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-10T15:08:09.459Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF610R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF610R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF610R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF615R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF615R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF615R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R ARIB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R ARIB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R ARIB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF1140R",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF1170R",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF166C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF185C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF186C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF186CI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF188C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF188CI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF360R",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The affected devices does not properly handle the error in case of exceeding characters while setting SNMP leading to the restart of the application."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-703",
              "description": "CWE-703: Improper Check or Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T09:36:37.300Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2024-37992",
    "datePublished": "2024-09-10T09:36:37.300Z",
    "dateReserved": "2024-06-11T08:32:52.183Z",
    "dateUpdated": "2024-09-10T15:08:09.459Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-37991
Vulnerability from cvelistv5
Published
2024-09-10 09:36
Modified
2024-09-10 15:09
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The service log files of the affected application can be accessed without proper authentication. This could allow an unauthenticated attacker to get access to sensitive information.
Impacted products
Vendor Product Version
Siemens SIMATIC Reader RF610R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF610R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF615R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF615R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF615R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF650R ARIB Version: 0   < V4.2
Siemens SIMATIC Reader RF650R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF650R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF650R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF680R ARIB Version: 0   < V4.2
Siemens SIMATIC Reader RF680R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF680R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF680R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF685R ARIB Version: 0   < V4.2
Siemens SIMATIC Reader RF685R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF685R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF685R FCC Version: 0   < V4.2
Siemens SIMATIC RF1140R Version: 0   < V1.1
Siemens SIMATIC RF1170R Version: 0   < V1.1
Siemens SIMATIC RF166C Version: 0   < V2.2
Siemens SIMATIC RF185C Version: 0   < V2.2
Siemens SIMATIC RF186C Version: 0   < V2.2
Siemens SIMATIC RF186CI Version: 0   < V2.2
Siemens SIMATIC RF188C Version: 0   < V2.2
Siemens SIMATIC RF188CI Version: 0   < V2.2
Siemens SIMATIC RF360R Version: 0   < V2.2
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-37991",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:09:26.404268Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-10T15:09:35.340Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF610R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF610R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF610R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF615R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF615R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF615R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R ARIB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R ARIB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R ARIB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF1140R",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF1170R",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF166C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF185C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF186C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF186CI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF188C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF188CI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF360R",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The service log files of the affected application can be accessed without proper authentication. This could allow an unauthenticated attacker to get access to sensitive information."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T09:36:35.565Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2024-37991",
    "datePublished": "2024-09-10T09:36:35.565Z",
    "dateReserved": "2024-06-11T08:32:52.183Z",
    "dateUpdated": "2024-09-10T15:09:35.340Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-37994
Vulnerability from cvelistv5
Published
2024-09-10 09:36
Modified
2024-09-10 15:03
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected application contains a hidden configuration item to enable debug functionality. This could allow an attacker to gain insight into the internal configuration of the deployment.
Impacted products
Vendor Product Version
Siemens SIMATIC Reader RF610R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF610R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF615R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF615R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF615R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF650R ARIB Version: 0   < V4.2
Siemens SIMATIC Reader RF650R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF650R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF650R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF680R ARIB Version: 0   < V4.2
Siemens SIMATIC Reader RF680R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF680R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF680R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF685R ARIB Version: 0   < V4.2
Siemens SIMATIC Reader RF685R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF685R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF685R FCC Version: 0   < V4.2
Siemens SIMATIC RF1140R Version: 0   < V1.1
Siemens SIMATIC RF1170R Version: 0   < V1.1
Siemens SIMATIC RF166C Version: 0   < V2.2
Siemens SIMATIC RF185C Version: 0   < V2.2
Siemens SIMATIC RF186C Version: 0   < V2.2
Siemens SIMATIC RF186CI Version: 0   < V2.2
Siemens SIMATIC RF188C Version: 0   < V2.2
Siemens SIMATIC RF188CI Version: 0   < V2.2
Siemens SIMATIC RF360R Version: 0   < V2.2
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-37994",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:03:36.814417Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-10T15:03:52.417Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF610R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF610R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF610R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF615R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF615R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF615R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R ARIB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R ARIB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R ARIB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF1140R",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF1170R",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF166C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF185C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF186C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF186CI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF188C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF188CI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF360R",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The affected application contains a hidden configuration item to enable debug functionality. This could allow an attacker to gain insight into the internal configuration of the deployment."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-912",
              "description": "CWE-912: Hidden Functionality",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T09:36:40.841Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2024-37994",
    "datePublished": "2024-09-10T09:36:40.841Z",
    "dateReserved": "2024-06-11T08:32:52.184Z",
    "dateUpdated": "2024-09-10T15:03:52.417Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-37995
Vulnerability from cvelistv5
Published
2024-09-10 09:36
Modified
2024-09-10 15:09
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected application improperly handles error while a faulty certificate upload leading to crashing of application. This vulnerability could allow an attacker to disclose sensitive information.
Impacted products
Vendor Product Version
Siemens SIMATIC Reader RF610R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF610R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF615R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF615R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF615R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF650R ARIB Version: 0   < V4.2
Siemens SIMATIC Reader RF650R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF650R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF650R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF680R ARIB Version: 0   < V4.2
Siemens SIMATIC Reader RF680R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF680R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF680R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF685R ARIB Version: 0   < V4.2
Siemens SIMATIC Reader RF685R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF685R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF685R FCC Version: 0   < V4.2
Siemens SIMATIC RF1140R Version: 0   < V1.1
Siemens SIMATIC RF1170R Version: 0   < V1.1
Siemens SIMATIC RF166C Version: 0   < V2.2
Siemens SIMATIC RF185C Version: 0   < V2.2
Siemens SIMATIC RF186C Version: 0   < V2.2
Siemens SIMATIC RF186CI Version: 0   < V2.2
Siemens SIMATIC RF188C Version: 0   < V2.2
Siemens SIMATIC RF188CI Version: 0   < V2.2
Siemens SIMATIC RF360R Version: 0   < V2.2
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-37995",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:08:52.987640Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-10T15:09:02.700Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF610R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF610R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF610R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF615R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF615R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF615R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R ARIB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R ARIB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R ARIB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF1140R",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF1170R",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF166C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF185C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF186C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF186CI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF188C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF188CI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF360R",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The affected application improperly handles error while a faulty certificate upload leading to crashing of application. This vulnerability could allow an attacker to disclose sensitive information."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 2.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 2.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-703",
              "description": "CWE-703: Improper Check or Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T09:36:42.714Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2024-37995",
    "datePublished": "2024-09-10T09:36:42.714Z",
    "dateReserved": "2024-06-11T08:32:52.184Z",
    "dateUpdated": "2024-09-10T15:09:02.700Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-37993
Vulnerability from cvelistv5
Published
2024-09-10 09:36
Modified
2024-09-10 15:04
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications do not authenticated the creation of Ajax2App instances. This could allow an unauthenticated attacker to cause a denial of service condition.
Impacted products
Vendor Product Version
Siemens SIMATIC Reader RF610R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF610R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF615R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF615R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF615R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF650R ARIB Version: 0   < V4.2
Siemens SIMATIC Reader RF650R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF650R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF650R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF680R ARIB Version: 0   < V4.2
Siemens SIMATIC Reader RF680R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF680R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF680R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF685R ARIB Version: 0   < V4.2
Siemens SIMATIC Reader RF685R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF685R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF685R FCC Version: 0   < V4.2
Siemens SIMATIC RF1140R Version: 0   < V1.1
Siemens SIMATIC RF1170R Version: 0   < V1.1
Siemens SIMATIC RF166C Version: 0   < V2.2
Siemens SIMATIC RF185C Version: 0   < V2.2
Siemens SIMATIC RF186C Version: 0   < V2.2
Siemens SIMATIC RF186CI Version: 0   < V2.2
Siemens SIMATIC RF188C Version: 0   < V2.2
Siemens SIMATIC RF188CI Version: 0   < V2.2
Siemens SIMATIC RF360R Version: 0   < V2.2
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-37993",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:04:12.477171Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-10T15:04:32.084Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF610R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF610R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF610R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF615R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF615R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF615R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R ARIB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R ARIB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R ARIB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF1140R",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF1170R",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF166C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF185C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF186C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF186CI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF188C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF188CI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF360R",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The affected applications do not authenticated the creation of Ajax2App instances. This could allow an unauthenticated attacker to cause a denial of service condition."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284: Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T09:36:39.074Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2024-37993",
    "datePublished": "2024-09-10T09:36:39.074Z",
    "dateReserved": "2024-06-11T08:32:52.184Z",
    "dateUpdated": "2024-09-10T15:04:32.084Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3449
Vulnerability from cvelistv5
Published
2021-03-25 14:25
Modified
2024-09-17 03:43
Severity ?
Summary
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
References
https://www.openssl.org/news/secadv/20210325.txt
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJdvendor-advisory
https://www.debian.org/security/2021/dsa-4875vendor-advisory
http://www.openwall.com/lists/oss-security/2021/03/27/1mailing-list
http://www.openwall.com/lists/oss-security/2021/03/27/2mailing-list
http://www.openwall.com/lists/oss-security/2021/03/28/3mailing-list
http://www.openwall.com/lists/oss-security/2021/03/28/4mailing-list
https://security.gentoo.org/glsa/202103-03vendor-advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/vendor-advisory
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.tenable.com/security/tns-2021-10
https://www.tenable.com/security/tns-2021-09
https://security.netapp.com/advisory/ntap-20210513-0002/
https://security.netapp.com/advisory/ntap-20210326-0006/
https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc
https://www.tenable.com/security/tns-2021-06
https://www.tenable.com/security/tns-2021-05
https://kc.mcafee.com/corporate/index?page=content&id=SB10356
https://www.oracle.com//security-alerts/cpujul2021.html
https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013
https://lists.debian.org/debian-lts-announce/2021/08/msg00029.htmlmailing-list
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://www.oracle.com/security-alerts/cpujul2022.html
https://security.netapp.com/advisory/ntap-20240621-0006/
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:53:17.609Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openssl.org/news/secadv/20210325.txt"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148"
          },
          {
            "name": "20210325 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd"
          },
          {
            "name": "DSA-4875",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2021/dsa-4875"
          },
          {
            "name": "[oss-security] 20210327 OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/03/27/1"
          },
          {
            "name": "[oss-security] 20210327 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/03/27/2"
          },
          {
            "name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/03/28/3"
          },
          {
            "name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2021/03/28/4"
          },
          {
            "name": "GLSA-202103-03",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202103-03"
          },
          {
            "name": "FEDORA-2021-cbf14ab8f9",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2021-10"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2021-09"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20210513-0002/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20210326-0006/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2021-06"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2021-05"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10356"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013"
          },
          {
            "name": "[debian-lts-announce] 20210831 [SECURITY] [DLA 2751-1] postgresql-9.6 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "OpenSSL",
          "vendor": "OpenSSL",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Peter K\u00e4stle (Nokia) and Samuel Sapalski (Nokia)"
        }
      ],
      "datePublic": "2021-03-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "lang": "eng",
              "url": "https://www.openssl.org/policies/secpolicy.html#High",
              "value": "High"
            },
            "type": "unknown"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "NULL pointer dereference",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-21T19:05:57.096577",
        "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
        "shortName": "openssl"
      },
      "references": [
        {
          "url": "https://www.openssl.org/news/secadv/20210325.txt"
        },
        {
          "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148"
        },
        {
          "name": "20210325 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd"
        },
        {
          "name": "DSA-4875",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2021/dsa-4875"
        },
        {
          "name": "[oss-security] 20210327 OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/03/27/1"
        },
        {
          "name": "[oss-security] 20210327 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/03/27/2"
        },
        {
          "name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/03/28/3"
        },
        {
          "name": "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2021/03/28/4"
        },
        {
          "name": "GLSA-202103-03",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202103-03"
        },
        {
          "name": "FEDORA-2021-cbf14ab8f9",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
        },
        {
          "url": "https://www.tenable.com/security/tns-2021-10"
        },
        {
          "url": "https://www.tenable.com/security/tns-2021-09"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20210513-0002/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20210326-0006/"
        },
        {
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc"
        },
        {
          "url": "https://www.tenable.com/security/tns-2021-06"
        },
        {
          "url": "https://www.tenable.com/security/tns-2021-05"
        },
        {
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10356"
        },
        {
          "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf"
        },
        {
          "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845"
        },
        {
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013"
        },
        {
          "name": "[debian-lts-announce] 20210831 [SECURITY] [DLA 2751-1] postgresql-9.6 security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
        }
      ],
      "title": "NULL pointer deref in signature_algorithms processing"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
    "assignerShortName": "openssl",
    "cveId": "CVE-2021-3449",
    "datePublished": "2021-03-25T14:25:13.659307Z",
    "dateReserved": "2021-03-17T00:00:00",
    "dateUpdated": "2024-09-17T03:43:55.497Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-5391
Vulnerability from cvelistv5
Published
2018-09-06 21:00
Modified
2024-08-05 05:33
Severity ?
Summary
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.
References
https://access.redhat.com/errata/RHSA-2018:3540vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2785vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:3083vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2925vendor-advisory, x_refsource_REDHAT
https://www.kb.cert.org/vuls/id/641765third-party-advisory, x_refsource_CERT-VN
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txtx_refsource_CONFIRM
https://usn.ubuntu.com/3741-2/vendor-advisory, x_refsource_UBUNTU
http://www.securitytracker.com/id/1041476vdb-entry, x_refsource_SECTRACK
https://access.redhat.com/errata/RHSA-2018:3459vendor-advisory, x_refsource_REDHAT
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19fx_refsource_MISC
https://access.redhat.com/errata/RHSA-2018:2933vendor-advisory, x_refsource_REDHAT
https://usn.ubuntu.com/3740-2/vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/3741-1/vendor-advisory, x_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:3590vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2948vendor-advisory, x_refsource_REDHAT
https://usn.ubuntu.com/3742-2/vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/3740-1/vendor-advisory, x_refsource_UBUNTU
http://www.securityfocus.com/bid/105108vdb-entry, x_refsource_BID
https://lists.debian.org/debian-lts-announce/2018/08/msg00014.htmlmailing-list, x_refsource_MLIST
https://usn.ubuntu.com/3742-1/vendor-advisory, x_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:2924vendor-advisory, x_refsource_REDHAT
https://www.debian.org/security/2018/dsa-4272vendor-advisory, x_refsource_DEBIAN
https://access.redhat.com/errata/RHSA-2018:3586vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2846vendor-advisory, x_refsource_REDHAT
http://www.securitytracker.com/id/1041637vdb-entry, x_refsource_SECTRACK
https://access.redhat.com/errata/RHSA-2018:3096vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:2791vendor-advisory, x_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2019/03/msg00017.htmlmailing-list, x_refsource_MLIST
https://security.netapp.com/advisory/ntap-20181003-0002/x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2019/06/28/2mailing-list, x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2019/07/06/3mailing-list, x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2019/07/06/4mailing-list, x_refsource_MLIST
https://support.f5.com/csp/article/K74374841?utm_source=f5support&amp%3Butm_medium=RSSx_refsource_CONFIRM
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-enx_refsource_CONFIRM
https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdfx_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:33:44.368Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2018:3540",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3540"
          },
          {
            "name": "RHSA-2018:2785",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2785"
          },
          {
            "name": "RHSA-2018:3083",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3083"
          },
          {
            "name": "RHSA-2018:2925",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2925"
          },
          {
            "name": "VU#641765",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/641765"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt"
          },
          {
            "name": "USN-3741-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3741-2/"
          },
          {
            "name": "1041476",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041476"
          },
          {
            "name": "RHSA-2018:3459",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3459"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f"
          },
          {
            "name": "RHSA-2018:2933",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2933"
          },
          {
            "name": "USN-3740-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3740-2/"
          },
          {
            "name": "USN-3741-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3741-1/"
          },
          {
            "name": "RHSA-2018:3590",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3590"
          },
          {
            "name": "RHSA-2018:2948",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2948"
          },
          {
            "name": "USN-3742-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3742-2/"
          },
          {
            "name": "USN-3740-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3740-1/"
          },
          {
            "name": "105108",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105108"
          },
          {
            "name": "[debian-lts-announce] 20180815 [SECURITY] [DLA 1466-1] linux-4.9 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html"
          },
          {
            "name": "USN-3742-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3742-1/"
          },
          {
            "name": "RHSA-2018:2924",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2924"
          },
          {
            "name": "DSA-4272",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4272"
          },
          {
            "name": "RHSA-2018:3586",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3586"
          },
          {
            "name": "RHSA-2018:2846",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2846"
          },
          {
            "name": "1041637",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041637"
          },
          {
            "name": "RHSA-2018:3096",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3096"
          },
          {
            "name": "RHSA-2018:2791",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:2791"
          },
          {
            "name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20181003-0002/"
          },
          {
            "name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
          },
          {
            "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
          },
          {
            "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K74374841?utm_source=f5support\u0026amp%3Butm_medium=RSS"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Kernel",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "3.9*",
              "status": "affected",
              "version": "3.9",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Thanks to Juha-Matti Tilli (Aalto University, Department of Communications and Networking / Nokia Bell Labs) for reporting this vulnerability."
        }
      ],
      "datePublic": "2018-09-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-14T12:06:39",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "RHSA-2018:3540",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3540"
        },
        {
          "name": "RHSA-2018:2785",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2785"
        },
        {
          "name": "RHSA-2018:3083",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3083"
        },
        {
          "name": "RHSA-2018:2925",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2925"
        },
        {
          "name": "VU#641765",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/641765"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt"
        },
        {
          "name": "USN-3741-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3741-2/"
        },
        {
          "name": "1041476",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041476"
        },
        {
          "name": "RHSA-2018:3459",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3459"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f"
        },
        {
          "name": "RHSA-2018:2933",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2933"
        },
        {
          "name": "USN-3740-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3740-2/"
        },
        {
          "name": "USN-3741-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3741-1/"
        },
        {
          "name": "RHSA-2018:3590",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3590"
        },
        {
          "name": "RHSA-2018:2948",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2948"
        },
        {
          "name": "USN-3742-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3742-2/"
        },
        {
          "name": "USN-3740-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3740-1/"
        },
        {
          "name": "105108",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105108"
        },
        {
          "name": "[debian-lts-announce] 20180815 [SECURITY] [DLA 1466-1] linux-4.9 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html"
        },
        {
          "name": "USN-3742-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3742-1/"
        },
        {
          "name": "RHSA-2018:2924",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2924"
        },
        {
          "name": "DSA-4272",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4272"
        },
        {
          "name": "RHSA-2018:3586",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3586"
        },
        {
          "name": "RHSA-2018:2846",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2846"
        },
        {
          "name": "1041637",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041637"
        },
        {
          "name": "RHSA-2018:3096",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3096"
        },
        {
          "name": "RHSA-2018:2791",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:2791"
        },
        {
          "name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20181003-0002/"
        },
        {
          "name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
        },
        {
          "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
        },
        {
          "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K74374841?utm_source=f5support\u0026amp%3Butm_medium=RSS"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2018-5391",
          "STATE": "PUBLIC",
          "TITLE": "The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Kernel",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003e=",
                            "version_affected": "\u003e=",
                            "version_name": "3.9",
                            "version_value": "3.9"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Linux"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Thanks to Juha-Matti Tilli (Aalto University, Department of Communications and Networking / Nokia Bell Labs) for reporting this vulnerability."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2018:3540",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3540"
            },
            {
              "name": "RHSA-2018:2785",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2785"
            },
            {
              "name": "RHSA-2018:3083",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3083"
            },
            {
              "name": "RHSA-2018:2925",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2925"
            },
            {
              "name": "VU#641765",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/641765"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt"
            },
            {
              "name": "USN-3741-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3741-2/"
            },
            {
              "name": "1041476",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041476"
            },
            {
              "name": "RHSA-2018:3459",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3459"
            },
            {
              "name": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f",
              "refsource": "MISC",
              "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f"
            },
            {
              "name": "RHSA-2018:2933",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2933"
            },
            {
              "name": "USN-3740-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3740-2/"
            },
            {
              "name": "USN-3741-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3741-1/"
            },
            {
              "name": "RHSA-2018:3590",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3590"
            },
            {
              "name": "RHSA-2018:2948",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2948"
            },
            {
              "name": "USN-3742-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3742-2/"
            },
            {
              "name": "USN-3740-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3740-1/"
            },
            {
              "name": "105108",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105108"
            },
            {
              "name": "[debian-lts-announce] 20180815 [SECURITY] [DLA 1466-1] linux-4.9 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html"
            },
            {
              "name": "USN-3742-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3742-1/"
            },
            {
              "name": "RHSA-2018:2924",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2924"
            },
            {
              "name": "DSA-4272",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4272"
            },
            {
              "name": "RHSA-2018:3586",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3586"
            },
            {
              "name": "RHSA-2018:2846",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2846"
            },
            {
              "name": "1041637",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041637"
            },
            {
              "name": "RHSA-2018:3096",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3096"
            },
            {
              "name": "RHSA-2018:2791",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:2791"
            },
            {
              "name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20181003-0002/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20181003-0002/"
            },
            {
              "name": "[oss-security] 20190628 Re: linux-distros membership application - Microsoft",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
            },
            {
              "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
            },
            {
              "name": "[oss-security] 20190706 Re: linux-distros membership application - Microsoft",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
            },
            {
              "name": "https://support.f5.com/csp/article/K74374841?utm_source=f5support\u0026amp;utm_medium=RSS",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K74374841?utm_source=f5support\u0026amp;utm_medium=RSS"
            },
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2018-5391",
    "datePublished": "2018-09-06T21:00:00",
    "dateReserved": "2018-01-12T00:00:00",
    "dateUpdated": "2024-08-05T05:33:44.368Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-6568
Vulnerability from cvelistv5
Published
2019-04-17 13:40
Modified
2024-08-04 20:23
Summary
The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device.
Impacted products
Vendor Product Version
Siemens SIMATIC CP 1616 Version: All versions
Siemens SIMATIC CP 343-1 Advanced Version: All versions
Siemens SIMATIC CP 443-1 Version: All versions < V3.3
Siemens SIMATIC CP 443-1 Version: All versions < V3.3
Siemens SIMATIC CP 443-1 Advanced Version: All versions < V3.3
Siemens SIMATIC CP 443-1 OPC UA Version: All versions
Siemens SIMATIC ET 200pro IM154-8 PN/DP CPU Version: All versions < V3.2.16
Siemens SIMATIC ET 200pro IM154-8F PN/DP CPU Version: All versions < V3.2.16
Siemens SIMATIC ET 200pro IM154-8FX PN/DP CPU Version: All versions < V3.2.16
Siemens SIMATIC ET 200S IM151-8 PN/DP CPU Version: All versions < V3.2.16
Siemens SIMATIC ET 200S IM151-8F PN/DP CPU Version: All versions < V3.2.16
Siemens SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) Version: All versions < V2.1.6
Siemens SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) Version: All versions < V2.7
Siemens SIMATIC HMI Comfort Outdoor Panels 7" & 15" (incl. SIPLUS variants) Version: All versions < V15.1 Upd4
Siemens SIMATIC HMI Comfort Panels 4" - 22" (incl. SIPLUS variants) Version: All versions < V15.1 Upd4
Siemens SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F Version: All versions < V15.1 Upd4
Siemens SIMATIC IPC DiagMonitor Version: All versions < V5.1.3
Siemens SIMATIC RF182C Version: All versions
Siemens SIMATIC RF185C Version: All versions < V1.1.0
Siemens SIMATIC RF186C Version: All versions < V1.1.0
Siemens SIMATIC RF188C Version: All versions < V1.1.0
Siemens SIMATIC RF600R family Version: All versions < V3.2.1
Siemens SIMATIC RFID 181EIP Version: All versions
Siemens SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) Version: All versions < V2.6.1
Siemens SIMATIC S7-1500 Software Controller Version: All versions < V2.7
Siemens SIMATIC S7-300 CPU 314C-2 PN/DP Version: All versions < V3.3.16
Siemens SIMATIC S7-300 CPU 315-2 PN/DP Version: All versions < V3.2.16
Siemens SIMATIC S7-300 CPU 315F-2 PN/DP Version: All versions < V3.2.16
Siemens SIMATIC S7-300 CPU 315T-3 PN/DP Version: All versions < V3.2.16
Siemens SIMATIC S7-300 CPU 317-2 PN/DP Version: All versions < V3.2.16
Siemens SIMATIC S7-300 CPU 317F-2 PN/DP Version: All versions < V3.2.16
Siemens SIMATIC S7-300 CPU 317T-3 PN/DP Version: All versions < V3.2.16
Siemens SIMATIC S7-300 CPU 317TF-3 PN/DP Version: All versions < V3.2.16
Siemens SIMATIC S7-300 CPU 319-3 PN/DP Version: All versions < V3.2.16
Siemens SIMATIC S7-300 CPU 319F-3 PN/DP Version: All versions < V3.2.16
Siemens SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) Version: All versions
Siemens SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) Version: All versions
Siemens SIMATIC S7-PLCSIM Advanced Version: All versions < V2.0 SP1 UPD1
Siemens SIMATIC Teleservice Adapter IE Advanced Version: All versions
Siemens SIMATIC Teleservice Adapter IE Basic Version: All versions
Siemens SIMATIC Teleservice Adapter IE Standard Version: All versions
Siemens SIMATIC WinAC RTX 2010 Version: All versions < V2010 SP3
Siemens SIMATIC WinAC RTX F 2010 Version: All versions < V2010 SP3
Siemens SIMATIC WinCC Runtime Advanced Version: All versions < V15.1 Upd4
Siemens SIMOCODE pro V Ethernet/IP (incl. SIPLUS variants) Version: All versions < V1.1.3
Siemens SIMOCODE pro V PROFINET (incl. SIPLUS variants) Version: All versions < V2.1.3
Siemens SINAMICS G130 V4.6 Control Unit Version: All versions
Siemens SINAMICS G130 V4.7 Control Unit Version: All versions
Siemens SINAMICS G130 V4.7 SP1 Control Unit Version: All versions
Siemens SINAMICS G130 V4.8 Control Unit Version: All versions < V4.8 HF6
Siemens SINAMICS G130 V5.1 Control Unit Version: All versions
Siemens SINAMICS G130 V5.1 SP1 Control Unit Version: All versions < V5.1 SP1 HF4
Siemens SINAMICS G150 V4.6 Control Unit Version: All versions
Siemens SINAMICS G150 V4.7 Control Unit Version: All versions
Siemens SINAMICS G150 V4.7 SP1 Control Unit Version: All versions
Siemens SINAMICS G150 V4.8 Control Unit Version: All versions < V4.8 HF6
Siemens SINAMICS G150 V5.1 Control Unit Version: All versions
Siemens SINAMICS G150 V5.1 SP1 Control Unit Version: All versions < V5.1 SP1 HF4
Siemens SINAMICS GH150 V4.7 (Control Unit) Version: All versions
Siemens SINAMICS GH150 V4.8 (Control Unit) Version: All versions < V4.8 SP2 HF9
Siemens SINAMICS GL150 V4.7 (Control Unit) Version: All versions
Siemens SINAMICS GL150 V4.8 (Control Unit) Version: All versions < V4.8 SP2 HF9
Siemens SINAMICS GM150 V4.7 (Control Unit) Version: All versions
Siemens SINAMICS GM150 V4.8 (Control Unit) Version: All versions < V4.8 SP2 HF9
Siemens SINAMICS S120 V4.6 Control Unit (incl. SIPLUS variants) Version: All versions
Siemens SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants) Version: All versions
Siemens SINAMICS S120 V4.7 SP1 Control Unit (incl. SIPLUS variants) Version: All versions
Siemens SINAMICS S120 V4.8 Control Unit (incl. SIPLUS variants) Version: All versions < V4.8 HF6
Siemens SINAMICS S120 V5.1 Control Unit (incl. SIPLUS variants) Version: All versions
Siemens SINAMICS S120 V5.1 SP1 Control Unit (incl. SIPLUS variants) Version: All versions < V5.1 SP1 HF4
Siemens SINAMICS S150 V4.6 Control Unit Version: All versions
Siemens SINAMICS S150 V4.7 Control Unit Version: All versions
Siemens SINAMICS S150 V4.7 SP1 Control Unit Version: All versions
Siemens SINAMICS S150 V4.8 Control Unit Version: All versions < V4.8 HF6
Siemens SINAMICS S150 V5.1 Control Unit Version: All versions
Siemens SINAMICS S150 V5.1 SP1 Control Unit Version: All versions < V5.1 SP1 HF4
Siemens SINAMICS S210 Version: All versions < V5.1 SP1 HF8
Siemens SINAMICS SL150 V4.7 (Control Unit) Version: All versions < V4.7 HF33
Siemens SINAMICS SL150 V4.8 (Control Unit) Version: All versions
Siemens SINAMICS SM120 V4.7 (Control Unit) Version: All versions
Siemens SINAMICS SM120 V4.8 (Control Unit) Version: All versions < V4.8 SP2 HF10
Siemens SINAMICS SM150 V4.8 (Control Unit) Version: All versions
Siemens SIPLUS ET 200S IM151-8 PN/DP CPU Version: All versions < V3.2.16
Siemens SIPLUS ET 200S IM151-8F PN/DP CPU Version: All versions < V3.2.16
Siemens SIPLUS NET CP 343-1 Advanced Version: All versions
Siemens SIPLUS NET CP 443-1 Version: All versions < V3.3
Siemens SIPLUS NET CP 443-1 Advanced Version: All versions < V3.3
Siemens SIPLUS S7-300 CPU 314C-2 PN/DP Version: All versions < V3.3.16
Siemens SIPLUS S7-300 CPU 315-2 PN/DP Version: All versions < V3.2.16
Siemens SIPLUS S7-300 CPU 315F-2 PN/DP Version: All versions < V3.2.16
Siemens SIPLUS S7-300 CPU 317-2 PN/DP Version: All versions < V3.2.16
Siemens SIPLUS S7-300 CPU 317F-2 PN/DP Version: All versions < V3.2.16
Siemens SITOP Manager Version: All versions < V1.1
Siemens SITOP PSU8600 Version: All versions < V1.5
Siemens SITOP UPS1600 (incl. SIPLUS variants) Version: All versions < V2.3
Siemens TIM 1531 IRC (incl. SIPLUS NET variants) Version: All versions < V2.1
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:23:22.207Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1604",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1616",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 343-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 443-1 OPC UA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM154-8 PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM154-8F PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200pro IM154-8FX PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200S IM151-8 PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200S IM151-8F PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Upd4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC HMI Comfort Panels 4\" - 22\" (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Upd4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Upd4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC IPC DiagMonitor",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.1.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF182C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF185C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF186C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF188C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF600R family",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RFID 181EIP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.6.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-1500 Software Controller",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.7"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 314C-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 315-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 315F-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 315T-3 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 317-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 317F-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 317T-3 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 317TF-3 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 319-3 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-300 CPU 319F-3 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC S7-PLCSIM Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0 SP1 UPD1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Teleservice Adapter IE Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Teleservice Adapter IE Basic",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Teleservice Adapter IE Standard",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinAC RTX 2010",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2010 SP3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinAC RTX F 2010",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2010 SP3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC WinCC Runtime Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V15.1 Upd4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOCODE pro V Ethernet/IP (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.1.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMOCODE pro V PROFINET (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G130 V4.6 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G130 V4.7 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G130 V4.7 SP1 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G130 V4.8 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G130 V5.1 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G130 V5.1 SP1 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.1 SP1 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G150 V4.6 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G150 V4.7 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G150 V4.7 SP1 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G150 V4.8 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G150 V5.1 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS G150 V5.1 SP1 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.1 SP1 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS GH150 V4.7 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS GH150 V4.8 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 SP2 HF9"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS GL150 V4.7 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS GL150 V4.8 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 SP2 HF9"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS GM150 V4.7 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS GM150 V4.8 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 SP2 HF9"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V4.6 Control Unit (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V4.7 Control Unit (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V4.7 SP1 Control Unit (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V4.8 Control Unit (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V5.1 Control Unit (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S120 V5.1 SP1 Control Unit (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.1 SP1 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S150 V4.6 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S150 V4.7 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S150 V4.7 SP1 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S150 V4.8 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 HF6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S150 V5.1 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S150 V5.1 SP1 Control Unit",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.1 SP1 HF4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS S210",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V5.1 SP1 HF8"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS SL150 V4.7 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.7 HF33"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS SL150 V4.8 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS SM120 V4.7 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS SM120 V4.8 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.8 SP2 HF10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SINAMICS SM150 V4.8 (Control Unit)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200S IM151-8 PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200S IM151-8F PN/DP CPU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 343-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 443-1 Advanced",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-300 CPU 314C-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-300 CPU 315-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-300 CPU 315F-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-300 CPU 317-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-300 CPU 317F-2 PN/DP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.2.16"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SITOP Manager",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SITOP PSU8600",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V1.5"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SITOP UPS1600 (incl. SIPLUS variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "TIM 1531 IRC (incl. SIPLUS NET variants)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The webserver of the affected devices contains a vulnerability that may lead to\r\na denial of service condition. An attacker may cause a denial of service\r\nsituation which leads to a restart of the webserver of the affected device.\r\n\r\nThe security vulnerability could be exploited by an attacker with network\r\naccess to the affected systems. Successful exploitation requires no system\r\nprivileges and no user interaction. An attacker could use the vulnerability\r\nto compromise availability of the device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-09T11:51:03.049Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2019-6568",
    "datePublished": "2019-04-17T13:40:24",
    "dateReserved": "2019-01-22T00:00:00",
    "dateUpdated": "2024-08-04T20:23:22.207Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-31340
Vulnerability from cvelistv5
Published
2021-06-08 19:47
Modified
2024-08-03 22:55
Severity ?
Summary
A vulnerability has been identified in SIMATIC RF166C (All versions > V1.1 and < V1.3.2), SIMATIC RF185C (All versions > V1.1 and < V1.3.2), SIMATIC RF186C (All versions > V1.1 and < V1.3.2), SIMATIC RF186CI (All versions > V1.1 and < V1.3.2), SIMATIC RF188C (All versions > V1.1 and < V1.3.2), SIMATIC RF188CI (All versions > V1.1 and < V1.3.2), SIMATIC RF360R (All versions < V2.0), SIMATIC Reader RF610R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF610R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF610R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF615R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF615R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF615R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF650R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF650R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF680R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF680R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF685R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF685R FCC (All versions > V3.0 < V4.0). Affected devices do not properly handle large numbers of incoming connections. An attacker may leverage this to cause a Denial-of-Service situation.
Impacted products
Vendor Product Version
Siemens SIMATIC RF185C Version: All versions > V1.1 and < V1.3.2
Siemens SIMATIC RF186C Version: All versions > V1.1 and < V1.3.2
Siemens SIMATIC RF186CI Version: All versions > V1.1 and < V1.3.2
Siemens SIMATIC RF188C Version: All versions > V1.1 and < V1.3.2
Siemens SIMATIC RF188CI Version: All versions > V1.1 and < V1.3.2
Siemens SIMATIC RF360R Version: All versions < V2.0
Siemens SIMATIC Reader RF610R CMIIT Version: All versions > V3.0 < V4.0
Siemens SIMATIC Reader RF610R ETSI Version: All versions > V3.0 < V4.0
Siemens SIMATIC Reader RF610R FCC Version: All versions > V3.0 < V4.0
Siemens SIMATIC Reader RF615R CMIIT Version: All versions > V3.0 < V4.0
Siemens SIMATIC Reader RF615R ETSI Version: All versions > V3.0 < V4.0
Siemens SIMATIC Reader RF615R FCC Version: All versions > V3.0 < V4.0
Siemens SIMATIC Reader RF650R ARIB Version: All versions > V3.0 < V4.0
Siemens SIMATIC Reader RF650R CMIIT Version: All versions > V3.0 < V4.0
Siemens SIMATIC Reader RF650R ETSI Version: All versions > V3.0 < V4.0
Siemens SIMATIC Reader RF650R FCC Version: All versions > V3.0 < V4.0
Siemens SIMATIC Reader RF680R ARIB Version: All versions > V3.0 < V4.0
Siemens SIMATIC Reader RF680R CMIIT Version: All versions > V3.0 < V4.0
Siemens SIMATIC Reader RF680R ETSI Version: All versions > V3.0 < V4.0
Siemens SIMATIC Reader RF680R FCC Version: All versions > V3.0 < V4.0
Siemens SIMATIC Reader RF685R ARIB Version: All versions > V3.0 < V4.0
Siemens SIMATIC Reader RF685R CMIIT Version: All versions > V3.0 < V4.0
Siemens SIMATIC Reader RF685R ETSI Version: All versions > V3.0 < V4.0
Siemens SIMATIC Reader RF685R FCC Version: All versions > V3.0 < V4.0
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T22:55:53.544Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SIMATIC RF166C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V1.1 and \u003c V1.3.2"
            }
          ]
        },
        {
          "product": "SIMATIC RF185C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V1.1 and \u003c V1.3.2"
            }
          ]
        },
        {
          "product": "SIMATIC RF186C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V1.1 and \u003c V1.3.2"
            }
          ]
        },
        {
          "product": "SIMATIC RF186CI",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V1.1 and \u003c V1.3.2"
            }
          ]
        },
        {
          "product": "SIMATIC RF188C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V1.1 and \u003c V1.3.2"
            }
          ]
        },
        {
          "product": "SIMATIC RF188CI",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V1.1 and \u003c V1.3.2"
            }
          ]
        },
        {
          "product": "SIMATIC RF360R",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "product": "SIMATIC Reader RF610R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V3.0 \u003c V4.0"
            }
          ]
        },
        {
          "product": "SIMATIC Reader RF610R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V3.0 \u003c V4.0"
            }
          ]
        },
        {
          "product": "SIMATIC Reader RF610R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V3.0 \u003c V4.0"
            }
          ]
        },
        {
          "product": "SIMATIC Reader RF615R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V3.0 \u003c V4.0"
            }
          ]
        },
        {
          "product": "SIMATIC Reader RF615R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V3.0 \u003c V4.0"
            }
          ]
        },
        {
          "product": "SIMATIC Reader RF615R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V3.0 \u003c V4.0"
            }
          ]
        },
        {
          "product": "SIMATIC Reader RF650R ARIB",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V3.0 \u003c V4.0"
            }
          ]
        },
        {
          "product": "SIMATIC Reader RF650R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V3.0 \u003c V4.0"
            }
          ]
        },
        {
          "product": "SIMATIC Reader RF650R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V3.0 \u003c V4.0"
            }
          ]
        },
        {
          "product": "SIMATIC Reader RF650R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V3.0 \u003c V4.0"
            }
          ]
        },
        {
          "product": "SIMATIC Reader RF680R ARIB",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V3.0 \u003c V4.0"
            }
          ]
        },
        {
          "product": "SIMATIC Reader RF680R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V3.0 \u003c V4.0"
            }
          ]
        },
        {
          "product": "SIMATIC Reader RF680R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V3.0 \u003c V4.0"
            }
          ]
        },
        {
          "product": "SIMATIC Reader RF680R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V3.0 \u003c V4.0"
            }
          ]
        },
        {
          "product": "SIMATIC Reader RF685R ARIB",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V3.0 \u003c V4.0"
            }
          ]
        },
        {
          "product": "SIMATIC Reader RF685R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V3.0 \u003c V4.0"
            }
          ]
        },
        {
          "product": "SIMATIC Reader RF685R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V3.0 \u003c V4.0"
            }
          ]
        },
        {
          "product": "SIMATIC Reader RF685R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e V3.0 \u003c V4.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC RF166C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF185C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF186C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF186CI (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF188C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF188CI (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF360R (All versions \u003c V2.0), SIMATIC Reader RF610R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF610R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF610R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF615R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF615R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF615R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R ARIB (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R ARIB (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R ARIB (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R FCC (All versions \u003e V3.0 \u003c V4.0). Affected devices do not properly handle large numbers of incoming connections. An attacker may leverage this to cause a Denial-of-Service situation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-10T09:46:26",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "productcert@siemens.com",
          "ID": "CVE-2021-31340",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SIMATIC RF166C",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V1.1 and \u003c V1.3.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC RF185C",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V1.1 and \u003c V1.3.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC RF186C",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V1.1 and \u003c V1.3.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC RF186CI",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V1.1 and \u003c V1.3.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC RF188C",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V1.1 and \u003c V1.3.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC RF188CI",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V1.1 and \u003c V1.3.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC RF360R",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003c V2.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC Reader RF610R CMIIT",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V3.0 \u003c V4.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC Reader RF610R ETSI",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V3.0 \u003c V4.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC Reader RF610R FCC",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V3.0 \u003c V4.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC Reader RF615R CMIIT",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V3.0 \u003c V4.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC Reader RF615R ETSI",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V3.0 \u003c V4.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC Reader RF615R FCC",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V3.0 \u003c V4.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC Reader RF650R ARIB",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V3.0 \u003c V4.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC Reader RF650R CMIIT",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V3.0 \u003c V4.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC Reader RF650R ETSI",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V3.0 \u003c V4.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC Reader RF650R FCC",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V3.0 \u003c V4.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC Reader RF680R ARIB",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V3.0 \u003c V4.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC Reader RF680R CMIIT",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V3.0 \u003c V4.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC Reader RF680R ETSI",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V3.0 \u003c V4.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC Reader RF680R FCC",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V3.0 \u003c V4.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC Reader RF685R ARIB",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V3.0 \u003c V4.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC Reader RF685R CMIIT",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V3.0 \u003c V4.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC Reader RF685R ETSI",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V3.0 \u003c V4.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SIMATIC Reader RF685R FCC",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions \u003e V3.0 \u003c V4.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Siemens"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability has been identified in SIMATIC RF166C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF185C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF186C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF186CI (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF188C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF188CI (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF360R (All versions \u003c V2.0), SIMATIC Reader RF610R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF610R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF610R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF615R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF615R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF615R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R ARIB (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R ARIB (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R ARIB (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R FCC (All versions \u003e V3.0 \u003c V4.0). Affected devices do not properly handle large numbers of incoming connections. An attacker may leverage this to cause a Denial-of-Service situation."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400: Uncontrolled Resource Consumption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf",
              "refsource": "MISC",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2021-31340",
    "datePublished": "2021-06-08T19:47:16",
    "dateReserved": "2021-04-15T00:00:00",
    "dateUpdated": "2024-08-03T22:55:53.544Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-37990
Vulnerability from cvelistv5
Published
2024-09-10 09:36
Modified
2024-09-10 15:12
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications contain configuration files which can be modified. An attacker with privilege access can modify these files and enable features that are not released for this device.
Impacted products
Vendor Product Version
Siemens SIMATIC Reader RF610R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF610R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF615R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF615R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF615R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF650R ARIB Version: 0   < V4.2
Siemens SIMATIC Reader RF650R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF650R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF650R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF680R ARIB Version: 0   < V4.2
Siemens SIMATIC Reader RF680R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF680R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF680R FCC Version: 0   < V4.2
Siemens SIMATIC Reader RF685R ARIB Version: 0   < V4.2
Siemens SIMATIC Reader RF685R CMIIT Version: 0   < V4.2
Siemens SIMATIC Reader RF685R ETSI Version: 0   < V4.2
Siemens SIMATIC Reader RF685R FCC Version: 0   < V4.2
Siemens SIMATIC RF1140R Version: 0   < V1.1
Siemens SIMATIC RF1170R Version: 0   < V1.1
Siemens SIMATIC RF166C Version: 0   < V2.2
Siemens SIMATIC RF185C Version: 0   < V2.2
Siemens SIMATIC RF186C Version: 0   < V2.2
Siemens SIMATIC RF186CI Version: 0   < V2.2
Siemens SIMATIC RF188C Version: 0   < V2.2
Siemens SIMATIC RF188CI Version: 0   < V2.2
Siemens SIMATIC RF360R Version: 0   < V2.2
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-37990",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T15:12:00.893655Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-10T15:12:10.308Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF610R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF610R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF610R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF615R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF615R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF615R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R ARIB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF650R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R ARIB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF680R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R ARIB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R CMIIT",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R ETSI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC Reader RF685R FCC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF1140R",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF1170R",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V1.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF166C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF185C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF186C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF186CI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF188C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF188CI",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC RF360R",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The affected applications contain configuration files which can be modified. An attacker with privilege access can modify these files and enable features that are not released for this device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          }
        },
        {
          "cvssV4_0": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-912",
              "description": "CWE-912: Hidden Functionality",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T09:36:33.772Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2024-37990",
    "datePublished": "2024-09-10T09:36:33.772Z",
    "dateReserved": "2024-06-11T08:32:52.183Z",
    "dateUpdated": "2024-09-10T15:12:10.308Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2018-09-06 21:29
Modified
2024-11-21 04:08
Summary
The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.
References
cret@cert.orghttp://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txtThird Party Advisory
cret@cert.orghttp://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-enBroken Link
cret@cert.orghttp://www.openwall.com/lists/oss-security/2019/06/28/2Mailing List, Third Party Advisory
cret@cert.orghttp://www.openwall.com/lists/oss-security/2019/07/06/3Mailing List, Third Party Advisory
cret@cert.orghttp://www.openwall.com/lists/oss-security/2019/07/06/4Mailing List, Third Party Advisory
cret@cert.orghttp://www.securityfocus.com/bid/105108Third Party Advisory, VDB Entry
cret@cert.orghttp://www.securitytracker.com/id/1041476Third Party Advisory, VDB Entry
cret@cert.orghttp://www.securitytracker.com/id/1041637Third Party Advisory, VDB Entry
cret@cert.orghttps://access.redhat.com/errata/RHSA-2018:2785Third Party Advisory
cret@cert.orghttps://access.redhat.com/errata/RHSA-2018:2791Third Party Advisory
cret@cert.orghttps://access.redhat.com/errata/RHSA-2018:2846Third Party Advisory
cret@cert.orghttps://access.redhat.com/errata/RHSA-2018:2924Third Party Advisory
cret@cert.orghttps://access.redhat.com/errata/RHSA-2018:2925Third Party Advisory
cret@cert.orghttps://access.redhat.com/errata/RHSA-2018:2933Third Party Advisory
cret@cert.orghttps://access.redhat.com/errata/RHSA-2018:2948Third Party Advisory
cret@cert.orghttps://access.redhat.com/errata/RHSA-2018:3083Third Party Advisory
cret@cert.orghttps://access.redhat.com/errata/RHSA-2018:3096Third Party Advisory
cret@cert.orghttps://access.redhat.com/errata/RHSA-2018:3459Third Party Advisory
cret@cert.orghttps://access.redhat.com/errata/RHSA-2018:3540Third Party Advisory
cret@cert.orghttps://access.redhat.com/errata/RHSA-2018:3586Third Party Advisory
cret@cert.orghttps://access.redhat.com/errata/RHSA-2018:3590Third Party Advisory
cret@cert.orghttps://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdfThird Party Advisory
cret@cert.orghttps://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19fPatch, Vendor Advisory
cret@cert.orghttps://lists.debian.org/debian-lts-announce/2018/08/msg00014.htmlMailing List, Mitigation, Third Party Advisory
cret@cert.orghttps://lists.debian.org/debian-lts-announce/2019/03/msg00017.htmlMailing List, Third Party Advisory
cret@cert.orghttps://security.netapp.com/advisory/ntap-20181003-0002/Third Party Advisory
cret@cert.orghttps://support.f5.com/csp/article/K74374841?utm_source=f5support&amp%3Butm_medium=RSS
cret@cert.orghttps://usn.ubuntu.com/3740-1/Third Party Advisory
cret@cert.orghttps://usn.ubuntu.com/3740-2/Third Party Advisory
cret@cert.orghttps://usn.ubuntu.com/3741-1/Third Party Advisory
cret@cert.orghttps://usn.ubuntu.com/3741-2/Third Party Advisory
cret@cert.orghttps://usn.ubuntu.com/3742-1/Third Party Advisory
cret@cert.orghttps://usn.ubuntu.com/3742-2/Third Party Advisory
cret@cert.orghttps://www.debian.org/security/2018/dsa-4272Mitigation, Third Party Advisory
cret@cert.orghttps://www.kb.cert.org/vuls/id/641765Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txtThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-enBroken Link
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2019/06/28/2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2019/07/06/3Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2019/07/06/4Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/105108Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1041476Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1041637Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2018:2785Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2018:2791Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2018:2846Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2018:2924Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2018:2925Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2018:2933Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2018:2948Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2018:3083Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2018:3096Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2018:3459Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2018:3540Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2018:3586Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2018:3590Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdfThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19fPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2018/08/msg00014.htmlMailing List, Mitigation, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2019/03/msg00017.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20181003-0002/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K74374841?utm_source=f5support&amp%3Butm_medium=RSS
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/3740-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/3740-2/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/3741-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/3741-2/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/3742-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/3742-2/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2018/dsa-4272Mitigation, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.kb.cert.org/vuls/id/641765Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
linux linux_kernel *
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_server_aus 6.4
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux_server_aus 6.6
redhat enterprise_linux_server_aus 7.2
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_eus 6.7
redhat enterprise_linux_server_eus 7.3
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server_eus 7.5
redhat enterprise_linux_server_tus 6.6
redhat enterprise_linux_server_tus 7.2
redhat enterprise_linux_server_tus 7.3
redhat enterprise_linux_server_tus 7.4
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_workstation 7.0
debian debian_linux 8.0
debian debian_linux 9.0
canonical ubuntu_linux 12.04
canonical ubuntu_linux 14.04
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
microsoft windows_10 -
microsoft windows_10 1607
microsoft windows_10 1703
microsoft windows_10 1709
microsoft windows_10 1803
microsoft windows_7 -
microsoft windows_8.1 -
microsoft windows_rt_8.1 -
microsoft windows_server_2008 -
microsoft windows_server_2008 r2
microsoft windows_server_2008 r2
microsoft windows_server_2012 -
microsoft windows_server_2012 r2
microsoft windows_server_2016 -
microsoft windows_server_2016 1709
microsoft windows_server_2016 1803
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
siemens ruggedcom_rm1224_firmware *
siemens ruggedcom_rm1224 -
siemens ruggedcom_rox_ii_firmware *
siemens ruggedcom_rox_ii -
siemens scalance_m-800_firmware *
siemens scalance_m-800 -
siemens scalance_s615_firmware *
siemens scalance_s615 -
siemens scalance_sc-600_firmware *
siemens scalance_sc-600 -
siemens scalance_w1700_ieee_802.11ac_firmware *
siemens scalance_w1700_ieee_802.11ac -
siemens scalance_w700_ieee_802.11a\/b\/g\/n_firmware *
siemens scalance_w700_ieee_802.11a\/b\/g\/n -
siemens simatic_net_cp_1242-7_firmware *
siemens simatic_net_cp_1242-7 -
siemens simatic_net_cp_1243-1_firmware *
siemens simatic_net_cp_1243-1 -
siemens simatic_net_cp_1243-7_lte_eu_firmware *
siemens simatic_net_cp_1243-7_lte_eu -
siemens simatic_net_cp_1243-7_lte_us_firmware *
siemens simatic_net_cp_1243-7_lte_us -
siemens simatic_net_cp_1243-8_irc_firmware *
siemens simatic_net_cp_1243-8_irc -
siemens simatic_net_cp_1542sp-1_firmware *
siemens simatic_net_cp_1542sp-1 -
siemens simatic_net_cp_1542sp-1_irc_firmware *
siemens simatic_net_cp_1542sp-1_irc -
siemens simatic_net_cp_1543-1_firmware *
siemens simatic_net_cp_1543-1 -
siemens simatic_net_cp_1543sp-1_firmware *
siemens simatic_net_cp_1543sp-1 -
siemens simatic_rf185c_firmware *
siemens simatic_rf185c -
siemens simatic_rf186c_firmware *
siemens simatic_rf186c -
siemens simatic_rf186ci_firmware *
siemens simatic_rf186ci -
siemens simatic_rf188_firmware *
siemens simatic_rf188 -
siemens simatic_rf188ci_firmware *
siemens simatic_rf188ci -
siemens sinema_remote_connect_server_firmware *
siemens sinema_remote_connect_server -



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "686948B0-67CE-46FB-87DF-D4A796614CF8",
              "versionEndIncluding": "4.18",
              "versionStartIncluding": "3.9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "16E6D998-B41D-4B49-9E00-8336D2E40A4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C81647C-9A53-481D-A54C-36770A093F90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "13E02156-E748-4820-B76F-7074793837E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
              "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
              "matchCriteriaId": "E01A4CCA-4C43-46E0-90E6-3E4DBFBACD64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEE2E768-0F45-46E1-B6D7-087917109D98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
              "matchCriteriaId": "83B14968-3985-43C3-ACE5-8307196EFAE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CB85C75-4D35-480E-843D-60579EC75FCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
              "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:itanium:*:*",
              "matchCriteriaId": "1BC405FE-D553-4F6E-A524-E0535B21BEBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B454BFE-D3AB-4CDC-B79B-F60EA3F57DBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAACE735-003E-4ACB-A82E-C0CF97D7F013",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "627558CA-2606-4497-A232-0522D1CC8239",
              "versionEndExcluding": "11.6.5.1",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9264B296-3445-4B9F-927D-7865BF3D8AF6",
              "versionEndExcluding": "12.1.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F7CF1E3-B1DA-4920-A37B-522CBA915535",
              "versionEndExcluding": "13.1.3",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "58C8E163-2A45-4C64-A7C2-5686C1EB3C78",
              "versionEndExcluding": "14.0.1.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "471EEDFE-F399-4DA4-A229-F35570514346",
              "versionEndExcluding": "14.1.2.4",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72900780-80F2-470C-AED6-92736CC5EFC7",
              "versionEndExcluding": "11.6.5.1",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FE43D60-C369-4806-B10A-97B02D715DFD",
              "versionEndExcluding": "12.1.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EDF69DE-310C-4C01-AA98-5EFB76C4E639",
              "versionEndExcluding": "13.1.3",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E17D443D-9E5D-4F41-A539-6D7842B21E25",
              "versionEndExcluding": "14.0.1.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EB7CEBE-7EB5-48BD-89F5-DE3B20C0946A",
              "versionEndExcluding": "14.1.2.4",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D76F8CD6-1E23-4CB1-BE04-2F74E660120F",
              "versionEndExcluding": "11.6.5.1",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6925A921-F946-4746-AE60-18919E44DAE2",
              "versionEndExcluding": "12.1.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "59C1988C-A886-4040-A640-81C8E6732813",
              "versionEndExcluding": "13.1.3",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FA8C03D-3661-446D-B502-BEB52B7B6305",
              "versionEndExcluding": "14.0.1.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0239DD74-6914-4B1C-9DA4-8D8D799A9B58",
              "versionEndExcluding": "14.1.2.4",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86641EEE-52C4-4A09-9D0C-CC3254CFC256",
              "versionEndExcluding": "11.6.5.1",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4F65BFF-8F85-487E-850A-DFF8DA9D8F59",
              "versionEndExcluding": "12.1.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E12292F-25C7-48CD-A96A-097779B73DEC",
              "versionEndExcluding": "13.1.3",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1503B2F8-3549-4E52-87E9-6F0FD91F1428",
              "versionEndExcluding": "14.0.1.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D36C6B19-D8ED-4E32-AEA1-D045F3B922DC",
              "versionEndExcluding": "14.1.2.4",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1D20BE1-7450-45AB-8A36-5AA1A84C3B54",
              "versionEndExcluding": "11.6.5.1",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3FFD367-E47B-4491-9364-1BA3FA481964",
              "versionEndExcluding": "12.1.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "65A931C9-4301-49E2-B3C8-235862664E36",
              "versionEndExcluding": "13.1.3",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8BA9BE0-1646-41EF-BCE2-7BD4021196C5",
              "versionEndExcluding": "14.0.1.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AAA2418-D5A0-44D9-B4C7-D55553D374C1",
              "versionEndExcluding": "14.1.2.4",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "068DD700-87D5-4979-A000-84A4D630F653",
              "versionEndExcluding": "11.6.5.1",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB505ABB-7752-4590-9E8A-C5EAC190B349",
              "versionEndExcluding": "12.1.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46B8BF4-6DB9-48C1-8CB6-1FE0DE5B08C7",
              "versionEndExcluding": "13.1.3",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7B34FC0-168E-4CA8-B1F4-BDC0D2213280",
              "versionEndExcluding": "14.0.1.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F10D272B-F8F8-4D67-B562-3B2AC9F30E52",
              "versionEndExcluding": "14.1.2.4",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BBF6B3-6F7E-468C-9723-4C13049259D0",
              "versionEndExcluding": "11.6.5.1",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F13E6EC1-5BC4-4A17-928A-667DA7A93EBD",
              "versionEndExcluding": "12.1.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3F1C894-A475-457E-9AD9-934151E76200",
              "versionEndExcluding": "13.1.3",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "678B7FC3-6796-4159-BF2B-8FAD49E0F566",
              "versionEndExcluding": "14.0.1.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBCF9B1E-E4DF-46FE-BB85-E51657595936",
              "versionEndExcluding": "14.1.2.4",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98117B55-838B-47C5-84AE-8F84357F1BAE",
              "versionEndExcluding": "11.6.5.1",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "670C542A-63F1-4FC2-B215-ADE94FCF3512",
              "versionEndExcluding": "12.1.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F104C6F4-47BB-416D-AB73-BBEA8A1BAE4B",
              "versionEndExcluding": "13.1.3",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0E47FF6-A851-4588-9F39-B292D4147AE6",
              "versionEndExcluding": "14.0.1.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A8809FF-F8DF-48E8-9885-CD0C2AD79024",
              "versionEndExcluding": "14.1.2.4",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0972BE5-3E14-4BB3-A635-C346FA49AA85",
              "versionEndExcluding": "11.6.5.1",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBDBCC20-D7F8-4125-862F-E5596302DC90",
              "versionEndExcluding": "12.1.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7FFD156-606F-40DC-90D0-60B3DB5E3D90",
              "versionEndExcluding": "13.1.3",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D960933D-9476-4473-A3FB-0032C051BE50",
              "versionEndExcluding": "14.0.1.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3092DC8B-088E-45D2-BF0E-2E99C5395431",
              "versionEndExcluding": "14.1.2.4",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1383A6A-60CF-4C10-9CFB-7B4FAEBEA3E6",
              "versionEndExcluding": "11.6.5.1",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "29D81E70-82D9-4FE8-B0D0-214149C30CF0",
              "versionEndExcluding": "12.1.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C126233-AEE0-4E51-A738-CB6D098C4478",
              "versionEndExcluding": "13.1.3",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44D33B41-F19D-4B46-9F9E-FC03051EBB0C",
              "versionEndExcluding": "14.0.1.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1D72DB2-91EA-4DBB-A68F-DC5127930755",
              "versionEndExcluding": "14.1.2.4",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6065C3C1-1C16-48A5-B879-0F2A4B757D66",
              "versionEndExcluding": "11.6.5.1",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BB3A6AE-0CE4-4A5D-AFA6-6AC0AE49B616",
              "versionEndExcluding": "12.1.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B330C1A9-F937-4DE5-B111-46970DA853C2",
              "versionEndExcluding": "13.1.3",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "63529AEA-8B74-4CA1-BADF-14514D243DC5",
              "versionEndExcluding": "14.0.1.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4B00FFF-D49D-4C1C-9416-F6E95049945C",
              "versionEndExcluding": "14.1.2.4",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54E61F23-BDD2-4938-AE39-D95C03B471B6",
              "versionEndExcluding": "11.6.5.1",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7BBC3D4-9B4E-4185-B327-8902DDFD4234",
              "versionEndExcluding": "12.1.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C497F2ED-D143-4207-BCDA-68C3DB856529",
              "versionEndExcluding": "13.1.3",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE65180C-47C8-41CF-B6C7-181259605B2C",
              "versionEndExcluding": "14.0.1.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD3A8B31-C29E-4F5C-A95E-DB3F88E83A6D",
              "versionEndExcluding": "14.1.2.4",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "40B3C644-1703-4599-9021-F2C919B11AEC",
              "versionEndExcluding": "11.6.5.1",
              "versionStartIncluding": "11.5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D518DD68-B336-43A8-883C-1CE7B9BB5B0F",
              "versionEndExcluding": "12.1.5",
              "versionStartIncluding": "12.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF432A4-76B4-4D32-B864-60F30568CABF",
              "versionEndExcluding": "13.1.3",
              "versionStartIncluding": "13.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54E703A5-F9F1-4DDA-8B70-D3C6F51038B6",
              "versionEndExcluding": "14.0.1.1",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDB13A0E-C1C4-403C-9990-AB7729F9585D",
              "versionEndExcluding": "14.1.2.4",
              "versionStartIncluding": "14.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "755BF920-21B8-4D5C-AFF3-5566A0FF9FE4",
              "versionEndExcluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "284DF779-D900-48B4-A177-7281CD445AB5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CB10E02-C5CA-42AC-AD48-72CE508CD627",
              "versionEndExcluding": "2.13.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:ruggedcom_rox_ii:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EA04F52-40D0-4A4B-9767-265A26EFD98D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E409347-918D-4C13-AC0D-B76867A78786",
              "versionEndExcluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFB9921A-5204-40A3-88AB-B7755F5C6875",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DB470D9-102A-429B-81C2-F9C28ABB627F",
              "versionEndExcluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E917CBBB-EF41-4113-B0CA-EB91889235E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_sc-600_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCBF7633-A3E7-4CEF-AC2A-085AF303FF27",
              "versionEndExcluding": "2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_sc-600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "725C671B-D7A0-48CF-8A31-5F9C4173F1DD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_w1700_ieee_802.11ac_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0AF4337-C610-4E5B-9F6E-E0AE059E9D2E",
              "versionEndExcluding": "2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_w1700_ieee_802.11ac:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "55CA7B83-9295-451A-9B78-832761A6BA79",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_w700_ieee_802.11a\\/b\\/g\\/n_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C4A8F09-A7B9-4569-A3AE-F3572CBD9AA5",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_w700_ieee_802.11a\\/b\\/g\\/n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEAC9491-87D0-480B-B49A-4EC5D2A2C802",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_1242-7_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "58AACBFB-F828-4A17-816E-0BCA406B063D",
              "versionEndExcluding": "3.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_1242-7:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "122D4621-9DBD-4BB7-8CEF-2E9F69E6F8DA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_1243-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FB9F6B9-7A43-4669-AEB8-30644609C5D9",
              "versionEndExcluding": "3.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_1243-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65278BA0-3C81-4D81-9801-D7BE3A1D7680",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_1243-7_lte_eu_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E5B6CE8-F314-43C4-A01A-79DA4C71A34F",
              "versionEndExcluding": "3.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_1243-7_lte_eu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "555FAB7F-8D8C-46E8-91E2-83AA93A41940",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_1243-7_lte_us_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9C1A675-67F8-4A1C-A67F-E081AC647A55",
              "versionEndExcluding": "3.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_1243-7_lte_us:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5179046-6D98-46A2-BDB8-2D5EF3C6D46F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_1243-8_irc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "251E49C6-735C-492F-BD26-6994A6BB40BD",
              "versionEndExcluding": "3.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_1243-8_irc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "350FD323-C876-4C7A-A2E7-4B0660C87F6C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "47EDF46E-8273-478A-A1F4-3CE781CB5E24",
              "versionEndExcluding": "2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_1542sp-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0602DEEA-AE39-4A44-9D78-6623943DDCD6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "52ED214A-EA23-43A7-B7F8-F0017B1063F8",
              "versionEndExcluding": "2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_1542sp-1_irc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1EE2F10-A7A6-486F-AE5C-53AE25BAF200",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "951CDCA7-73BD-4494-9ED9-FD741A01DF93",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_1543-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F56C2BDC-928E-491A-8E7C-F976B3787C7A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2D103B7-B693-4E35-AF55-9238B6A16E77",
              "versionEndExcluding": "2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_1543sp-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "783B50B8-2FB7-4982-88AA-B4F2AD094796",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "31BF3B2C-98D9-455F-BCB4-EEAC7EE84C9A",
              "versionEndExcluding": "1.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "63E0D36E-1DF9-4DB8-B563-EF77D947FA9E",
              "versionEndExcluding": "1.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E39C5C7A-543C-4271-80EF-C728FFFA50D2",
              "versionEndExcluding": "1.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34F52786-B328-4066-8F3C-457358E42989",
              "versionEndExcluding": "1.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E776EC-16DD-404D-A8AA-2344BA306E3C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "361C68A1-6FDE-47EB-84C5-31AB100E8F30",
              "versionEndExcluding": "1.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinema_remote_connect_server_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "284428BD-FF75-4D48-9137-2D64B46B6ED4",
              "versionEndExcluding": "2.0.1",
              "versionStartIncluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinema_remote_connect_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50360459-773D-4B1C-B28D-02A01BE5A0EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size."
    },
    {
      "lang": "es",
      "value": "El kernel de Linux en versiones a partir de la 3.9 es vulnerable a un ataque de denegaci\u00f3n de servicio (DoS) con tasas bajas de paquetes especialmente modificados que apuntan hacia el reensamblado de fragmentos de IP. Un atacante podr\u00eda provocar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) mediante el env\u00edo de fragmentos de IP especialmente manipulados. Se han descubierto varias vulnerabilidades en la fragmentaci\u00f3n de IP, que se han ido solucionando a lo largo de los a\u00f1os. La vulnerabilidad actual (CVE-2018-5391) se volvi\u00f3 explotable en el kernel de Linux con el aumento del tama\u00f1o de la cola de reensamblado de fragmentos de IP."
    }
  ],
  "id": "CVE-2018-5391",
  "lastModified": "2024-11-21T04:08:43.897",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-09-06T21:29:00.363",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105108"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041476"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041637"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2785"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2791"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2846"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2924"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2925"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2933"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2948"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3083"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3096"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3459"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3540"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3586"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3590"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Mailing List",
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20181003-0002/"
    },
    {
      "source": "cret@cert.org",
      "url": "https://support.f5.com/csp/article/K74374841?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3740-1/"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3740-2/"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3741-1/"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3741-2/"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3742-1/"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3742-2/"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2018/dsa-4272"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/641765"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/06/28/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/07/06/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2019/07/06/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105108"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041476"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041637"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2785"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2791"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2846"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2924"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2925"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2933"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2948"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3083"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3096"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3459"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3540"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3586"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:3590"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20181003-0002/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.f5.com/csp/article/K74374841?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3740-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3740-2/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3741-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3741-2/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3742-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://usn.ubuntu.com/3742-2/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2018/dsa-4272"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/641765"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "cret@cert.org",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-04-17 14:29
Modified
2024-11-21 04:46
Summary
The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device.
Impacted products
Vendor Product Version
siemens cp1604_firmware *
siemens cp1604 -
siemens cp1616_firmware *
siemens cp1616 -
siemens simatic_rf185c_firmware *
siemens simatic_rf185c -
siemens simatic_cp343-1_advanced_firmware *
siemens simatic_cp343-1_advanced -
siemens simatic_cp443-1_firmware *
siemens simatic_cp443-1 -
siemens simatic_cp443-1_advanced_firmware *
siemens simatic_cp443-1_advanced -
siemens simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmware *
siemens simatic_et_200_sp_open_controller_cpu_1515sp_pc -
siemens simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmware *
siemens simatic_et_200_sp_open_controller_cpu_1515sp_pc2 -
siemens simatic_hmi_comfort_outdoor_panels_firmware *
siemens simatic_hmi_comfort_outdoor_panels_firmware 15.1
siemens simatic_hmi_comfort_outdoor_panels -
siemens simatic_hmi_comfort_panels_firmware *
siemens simatic_hmi_comfort_panels_firmware 15.1
siemens simatic_hmi_comfort_panels -
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp400f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp400f -
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700 -
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp700f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp700f -
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900 -
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware *
siemens simatic_hmi_ktp_mobile_panels_ktp900f_firmware 15.1
siemens simatic_hmi_ktp_mobile_panels_ktp900f -
siemens simatic_cp443-1_opc_ua *
siemens simatic_ipc_diagmonitor *
siemens simatic_s7-1500_software_controller *
siemens simatic_s7-plcsim_advanced *
siemens simatic_s7-plcsim_advanced 2.0
siemens simatic_s7-plcsim_advanced 2.0
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens simatic_wincc_runtime_advanced 15.1
siemens sitop_manager *
siemens simatic_rf600r_firmware *
siemens simatic_rf600r -
siemens simatic_rf188c_firmware *
siemens simatic_rf188c -
siemens simatic_rf186c_firmware *
siemens simatic_rf186c -
siemens simatic_rf182c_firmware *
siemens simatic_rf182c -
siemens simatic_rf181-eip_firmware *
siemens simatic_rf181-eip -
siemens simatic_s7-1500_firmware *
siemens simatic_s7-1500 -
siemens simatic_s7-300_firmware *
siemens simatic_s7-300 -
siemens simatic_s7-400_pn_firmware *
siemens simatic_s7-400_pn -
siemens simatic_s7-400_pn\/dp_firmware *
siemens simatic_s7-400_pn\/dp -
siemens simatic_teleservice_adapter_ie_advanced_firmware *
siemens simatic_teleservice_adapter_ie_advanced -
siemens simatic_teleservice_adapter_ie_basic_firmware *
siemens simatic_teleservice_adapter_ie_basic -
siemens simatic_teleservice_adapter_ie_standard_firmware *
siemens simatic_teleservice_adapter_ie_standard -
siemens simatic_winac_rtx_firmware *
siemens simatic_winac_rtx_firmware 2010
siemens simatic_winac_rtx -
siemens simocode_pro_v_eip_firmware *
siemens simocode_pro_v_eip -
siemens simocode_pro_v_pn_firmware *
siemens simocode_pro_v_pn -
siemens sinamics_g130_firmware *
siemens sinamics_g130 -
siemens sinamics_g150_firmware *
siemens sinamics_g150 -
siemens sinamics_s120_firmware *
siemens sinamics_s120 -
siemens sinamics_s150_firmware *
siemens sinamics_s150_firmware 5.1
siemens sinamics_s150_firmware 5.1
siemens sinamics_s150_firmware 5.1
siemens sinamics_s150 -
siemens sinamics_s210_firmware *
siemens sinamics_s210_firmware 5.1
siemens sinamics_s210_firmware 5.1
siemens sinamics_s210 -
siemens sitop_psu8600_firmware *
siemens sitop_psu8600 -
siemens sitop_ups1600_firmware *
siemens sitop_ups1600 -
siemens tim_1531_irc_firmware *
siemens tim_1531_irc -
siemens simatic_s7-1500f_firmware *
siemens simatic_s7-1500f -
siemens simatic_s7-1500s_firmware *
siemens simatic_s7-1500s -
siemens simatic_s7-1500t_firmware *
siemens simatic_s7-1500t -
siemens sinamics_gh150_firmware *
siemens sinamics_gh150_firmware 4.8
siemens sinamics_gh150 -
siemens sinamics_gl150_firmware *
siemens sinamics_gl150_firmware 4.8
siemens sinamics_gl150 -
siemens sinamics_gm150_firmware *
siemens sinamics_gm150_firmware 4.8
siemens sinamics_gm150 -
siemens sinamics_sl150_firmware *
siemens sinamics_sl150_firmware 4.8
siemens sinamics_sl150 -
siemens sinamics_sm120_firmware *
siemens sinamics_sm120_firmware 4.8
siemens sinamics_sm120 -
siemens sinamics_sm150_firmware *
siemens sinamics_sm150_firmware 5.1
siemens sinamics_sm150 -



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cp1604_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E737620D-9D00-4151-B232-7DFB7FD768B3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cp1604:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222006F-09D7-49F7-B8C7-4D94298A8F6A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:cp1616_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "65FE6F54-1457-4EB6-9273-1D93B3B97386",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:cp1616:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "184365A2-BAD2-4926-ACEE-F71E018D3CE5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69EE2BF6-3846-478F-9AC6-BEF34617F3B5",
              "versionEndExcluding": "1.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_cp343-1_advanced_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E6601B8-E032-4B39-BF65-F25CF047EB99",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_cp343-1_advanced:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACCC0229-E454-4BEF-931A-3CD820500822",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_cp443-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2035A020-F41E-4FC7-A290-9923574D4921",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_cp443-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB8636E9-A3DA-4DDC-A3FC-B3EAAD07952E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_cp443-1_advanced_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AD15638-8B84-4DA2-9DDC-9A1CA3548E91",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_cp443-1_advanced:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFE94F56-71DB-4837-9818-6827C80DE2BC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1873751-81F4-4732-B30F-9F2DEECBC110",
              "versionEndExcluding": "2.1.6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9A5678E-9EAA-441A-AC77-94F824D64AEE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F36AC571-C958-4CB8-91D9-5417C1812C02",
              "versionEndExcluding": "2.7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_et_200_sp_open_controller_cpu_1515sp_pc2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00361A3C-60E9-4365-BB51-09D7792C441D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299F88D-8885-4871-93E1-CBEFD3156B15",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "F18EA7BD-47D0-4367-8F18-C89239B201E3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4830E0D-0128-4E5B-AB81-2B238471AE4B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "865FD012-F390-4BB8-B14F-533840B95512",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_panels_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "5418D916-49A6-4B79-A653-E2C5221DEBE8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BCFE761-35C9-43EF-85BC-E8083B9F75CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8EC6926-258F-4F5C-88D2-33FE363340DB",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp400f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "97E283EF-A950-40E7-91C7-839203A333A5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp400f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F106DEE3-4DED-46E4-9661-9D9C7B729BC0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D9CF819-E06C-4EAA-85B3-AC40E039D485",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4AF727E5-7849-4980-8AA5-7469FD52DF86",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D175BC55-2EAA-4D4A-9E05-2FBB228160F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B28FB484-526A-437E-80E3-B62F54F1BEF6",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp700f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "61DFC57F-0359-4B4A-A13C-067B21D3DA7B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp700f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C39166C-38CA-426F-9702-B9CA5ED6630C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66FC2264-7DDD-4BEF-9795-AC6A5A00886B",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D68363A9-D1D5-4E49-98D1-E5F8C324BC22",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D29338CD-57BD-4734-9204-118EA53D42FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4F0084-91A5-4D7E-971B-9DB979849594",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_ktp900f_firmware:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "36EEF9EB-91EF-4697-A963-7C8F955778EC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels_ktp900f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7858AB-F89E-4E50-8873-DE8F5F2A07CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_cp443-1_opc_ua:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "56396833-12BF-4AE5-8D3E-695652A99DBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_ipc_diagmonitor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FD49A39-47D7-473C-9E46-6D9246BC6D04",
              "versionEndExcluding": "5.1.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_s7-1500_software_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11C0A94D-5506-4A75-99E1-CA9769AF057C",
              "versionEndExcluding": "2.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B66A2A4-5062-45F8-A615-2DA716650909",
              "versionEndExcluding": "2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:2.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "AED3A3AF-EF77-4E58-91AD-BBE01E1DA4A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_s7-plcsim_advanced:2.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "23039930-E45C-4B0E-883A-E2F9A7502984",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06364800-4C54-4BE4-B4AA-0CF29E4E82AA",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "4FBDFA7B-504A-4F58-967F-15CAFCEB5594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update1:*:*:*:*:*:*",
              "matchCriteriaId": "4D184A8F-963A-4730-AED4-1994EEA91702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update2:*:*:*:*:*:*",
              "matchCriteriaId": "16DAC92E-141C-4923-96F5-2620F60E763A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:15.1:update3:*:*:*:*:*:*",
              "matchCriteriaId": "B3300D8B-E0A1-4CEF-8BE0-AED3F19E9015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sitop_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2662688E-6975-46C7-939B-25FF4790518D",
              "versionEndExcluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf600r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16CBED3D-892A-4EC0-BE2E-358040C34304",
              "versionEndExcluding": "3.2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf600r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFA55275-691D-4269-93E4-C559C89E3FA3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25F96DAA-696D-4EB4-97DF-986C7681700B",
              "versionEndExcluding": "1.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF8FFD1C-8E33-48E9-A884-B80311F8BA4C",
              "versionEndExcluding": "1.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf182c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FC4F972-3A3B-421C-8D62-9C5C4D1992CF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf182c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7540DAD9-2AAC-46A9-B1C5-BB1AC4FCE710",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf181-eip_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFA94867-4367-4186-8A4B-44C3CBCCEF7F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf181-eip:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E10A0D57-8805-44DB-95E3-1B240ED5ED09",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE766CD-695B-4A12-8BC5-3743D8E3D73E",
              "versionEndExcluding": "2.6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "30DDEA9B-E1BF-4572-8E12-D13C54603E77",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-300_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9461CADE-1624-4D1B-8CF2-CF65F75071C0",
              "versionEndExcluding": "3.3.17",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EFD4E99-5C66-443F-8B6F-FA01C895DE78",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-400_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A2219FE-2C3F-4948-85D6-3C53AC08722B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-400_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "795D0FF9-1D0B-4C74-BEF3-58EAE74DFA0C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-400_pn\\/dp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC917346-94F6-44FD-AC00-AED0CF3CBBD1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-400_pn\\/dp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F60D816D-85A5-4971-AF2D-666AE0B74E9E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_advanced_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8E76BDE-C7E9-4D6B-B5D9-A456516CD016",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_advanced:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71DA3D1A-E435-418F-9A13-945B4BA15FC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_basic_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "80D166A8-1EEC-42F4-8EAB-1747247A7A05",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_basic:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFA520B6-5177-43E4-87C0-C215F79FE9B4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_teleservice_adapter_ie_standard_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C887573-8BE8-42CF-B35A-22F9311AC627",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_teleservice_adapter_ie_standard:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A5A3F7E-D039-430F-89B0-6AB4FD2428D4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_winac_rtx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "80BDBB38-20D2-48C3-8B58-62C2D8CC00B8",
              "versionEndExcluding": "2010",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_winac_rtx_firmware:2010:-:*:*:*:*:*:*",
              "matchCriteriaId": "EA59D713-F342-4CDA-BDC8-108352D385DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_winac_rtx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA5ADAB0-3985-4933-8CDD-D1546D8271CC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simocode_pro_v_eip_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A001968-C7FD-4C11-8439-11532B234CC2",
              "versionEndExcluding": "1.1.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simocode_pro_v_eip:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50BDA360-0D33-42DC-ADB9-2F69503C2CD8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simocode_pro_v_pn_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15CB26DA-7CA0-4BD6-A219-01F6E8A6F03F",
              "versionEndExcluding": "2.1.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simocode_pro_v_pn:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1779AE78-AC90-48BE-8FF2-CC11E7CA3CB4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_g130_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "856768D2-C096-4CA7-B26F-E94B005C0D79",
              "versionEndExcluding": "5.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_g130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "373DBE44-AC28-4D04-93BB-35CD8C60E899",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_g150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C579C2C7-0402-46B2-A770-C3B7F71D1096",
              "versionEndExcluding": "5.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_g150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2296CA65-0E89-4BCB-8003-E7212BF1F585",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_s120_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "03F9CBC3-B2B3-4FA7-963D-A8F3AE6D8EA0",
              "versionEndExcluding": "5.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_s120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5A824BD-935F-4E53-8313-C5544B0489C7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_s150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "126AC93E-A39F-4754-9707-207C9F2F64F4",
              "versionEndExcluding": "5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_s150_firmware:5.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "3E8BCCED-BDC6-4785-8705-799836E5024E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_s150_firmware:5.1:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "098262CC-4D3B-4E55-83C3-2816403C553B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_s150_firmware:5.1:sp1_hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "6092F899-9A89-4FA4-BD80-97511DF7CF8F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_s150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D48682C-A39D-4A09-B904-50FA64A9D2A5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7269713-6505-41DF-B85B-F729E24A3F5B",
              "versionEndExcluding": "5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:5.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "BEBF14B3-65A0-41E9-B99C-D88548F307CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_s210_firmware:5.1:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F151297C-3097-483F-98B5-0261BD547421",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_s210:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BFA8FB3-12A9-4D2E-BCFD-C66313521C80",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sitop_psu8600_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F389808-001E-4650-86B2-00A72D25BCD0",
              "versionEndExcluding": "1.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sitop_psu8600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "55058209-8AE5-42AF-80D4-5A7A44307266",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sitop_ups1600_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD39CC96-ABE3-4854-A102-36AFE1F6CB14",
              "versionEndExcluding": "2.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sitop_ups1600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FC1A64E-6A27-4F91-8A13-829E0F7D8E80",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:tim_1531_irc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B023E75A-B76D-4FD8-9660-1F233092160F",
              "versionEndExcluding": "2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1D94BEB-BBFB-4258-9835-87DBBB999239",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1500f_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9C47A4A-BE81-499A-AB36-491661B88693",
              "versionEndExcluding": "2.6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1500f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A255BC06-2776-4111-A525-76B17371B295",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1500s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A446D2-39ED-4635-AAA0-85D977F600FE",
              "versionEndExcluding": "2.6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1500s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1752A2A-0034-4E00-AAC6-FA15345D7A41",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1500t_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5238622A-BCAD-4A06-9920-49BECFDDC2A6",
              "versionEndExcluding": "2.6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1500t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "741B2C38-174C-49DF-98D8-F7D6F49D1CE5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gh150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E231DE7-8B8D-41A3-A163-CE8EF50AF9D0",
              "versionEndExcluding": "4.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gh150_firmware:4.8:-:*:*:*:*:*:*",
              "matchCriteriaId": "6D076504-AFE3-4C51-80E5-C5992CA7D511",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gh150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF977545-395A-4C34-BB22-A1047B5B6E85",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3653DA37-DB23-41E0-8CE8-838E384AA40A",
              "versionEndExcluding": "4.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gl150_firmware:4.8:-:*:*:*:*:*:*",
              "matchCriteriaId": "0F86A334-10F9-4DFB-A421-CBCAFD86C8C2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DED7F33B-D475-4232-8683-48554A6729F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E25804D-D943-4C2A-9C78-AAC61F7BA4FF",
              "versionEndExcluding": "4.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_gm150_firmware:4.8:-:*:*:*:*:*:*",
              "matchCriteriaId": "06B69CD4-3AEC-4014-81DB-33805A44A5D3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_gm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD76CFB0-B5D7-40DC-8D14-FC9C9BACF3CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sl150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD67D30A-8681-41AE-B248-7E50BA1B9FC8",
              "versionEndExcluding": "4.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sl150_firmware:4.8:-:*:*:*:*:*:*",
              "matchCriteriaId": "FCC0EE8B-1088-46B6-992A-B8E12A7B7DC2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sl150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6619B0F-7CDC-40A6-89B2-C6067AF45214",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm120_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "31393A1B-4DBC-476D-875E-463B4B887E1B",
              "versionEndExcluding": "4.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm120_firmware:4.8:-:*:*:*:*:*:*",
              "matchCriteriaId": "0206F9F2-27C7-4D2F-817B-13F8FA31E547",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444DD77F-DB65-4766-A89D-7A679B4CA1E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC70D596-AA1E-4196-87B0-BECEE6568AA7",
              "versionEndExcluding": "5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_sm150_firmware:5.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "1E81CDB5-122F-48D1-B9F1-4C401D46D978",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_sm150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE231E2-2B2B-407A-BF7A-9EA35F394229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The webserver of the affected devices contains a vulnerability that may lead to\r\na denial of service condition. An attacker may cause a denial of service\r\nsituation which leads to a restart of the webserver of the affected device.\r\n\r\nThe security vulnerability could be exploited by an attacker with network\r\naccess to the affected systems. Successful exploitation requires no system\r\nprivileges and no user interaction. An attacker could use the vulnerability\r\nto compromise availability of the device."
    },
    {
      "lang": "es",
      "value": "SIPLUS), paneles exteriores SIMATIC HMI Comfort de 7\" y 15\" (incl. variantes SIPLUS), paneles SIMATIC HMI Comfort de 4\" - 22\" (incl. variantes SIPLUS), paneles SIMATIC ET 200SP Open Controller CPU 1515SP PC SIPLUS), paneles m\u00f3viles SIMATIC HMI KTP KTP400F, KTP700, KTP700F, KTP900 y KTP900F, SIMATIC IPC DiagMonitor, SIMATIC RF182C, SIMATIC RF185C, SIMATIC RF186C, SIMATIC RF188C, familia SIMATIC RF600R, familia de CPUs SIMATIC S7-1500 (incl. CPUs ET200 y variantes SIPLUS), controlador de software SIMATIC S7-1500, familia de CPUs SIMATIC S7-300 (incluidas las CPUs ET200 y variantes SIPLUS), familia de CPUs SIMATIC S7-400 PN/DP V6 e inferiores (incluidas las variantes SIPLUS), familia de CPUs SIMATIC S7-400 PN/DP V7 (incluidas las variantes SIPLUS) SIPLUS), SIMATIC S7-PLCSIM Advanced, SIMATIC Teleservice Adapter IE Advanced, SIMATIC Teleservice Adapter IE Basic, SIMATIC Teleservice Adapter IE Standard, SIMATIC WinAC RTX (F) 2010, SIMATIC WinCC Runtime Advanced, SIMOCODE pro V EIP (incl. SIPLUS), SIMOCODE pro V PN (incl. variantes SIPLUS), SINAMICS G130 V4.6 Control Unit, SINAMICS G130 V4.7 Control Unit, SINAMICS G130 V4.7 SP1 Control Unit, SINAMICS G130 V4.8 Control Unit, SINAMICS G130 V5.1 Control Unit, SINAMICS G130 V5. 1 SP1 Unidad de control, SINAMICS G150 V4.6 Unidad de control, SINAMICS G150 V4.7 Unidad de control, SINAMICS G150 V4.7 SP1 Unidad de control, SINAMICS G150 V4.8 Unidad de control, SINAMICS G150 V5. 1 Unidad de control, SINAMICS G150 V5.1 SP1 Unidad de control, SINAMICS GH150 V4.7 (Unidad de control), SINAMICS GH150 V4.8 (Unidad de control), SINAMICS GL150 V4.7 (Unidad de control), SINAMICS GL150 V4. 8 (Unidad de control), SINAMICS GM150 V4.7 (Unidad de control), SINAMICS GM150 V4.8 (Unidad de control), SINAMICS S120 V4.6 Unidad de control (incl. variantes SIPLUS), SINAMICS S120 V4.7 Unidad de control (incl. variantes SIPLUS) SIPLUS), SINAMICS S120 V4.7 SP1 (incl. variantes SIPLUS), SINAMICS S120 V4.8 (incl. variantes SIPLUS), SINAMICS S120 V5.1 (incl. variantes SIPLUS) SIPLUS), SINAMICS S120 V5.1 SP1 Unidad de Control (incl. variantes SIPLUS), SINAMICS S150 V4.6 Unidad de Control, SINAMICS S150 V4.7 Unidad de Control, SINAMICS S150 V4.7 SP1 Unidad de Control, SINAMICS S150 V4. 8 Unidad de control, SINAMICS S150 V5.1 Unidad de control, SINAMICS S150 V5.1 SP1 Unidad de control, SINAMICS S210 V5.1 Unidad de control, SINAMICS S210 V5.1 SP1 Unidad de control, SINAMICS SL150 V4. 7 (Unidad de Control), SINAMICS SL150 V4.8 (Unidad de Control), SINAMICS SM120 V4.7 (Unidad de Control), SINAMICS SM120 V4.8 (Unidad de Control), SINAMICS SM150 V4. 8 (unidad de control), SIPLUS NET CP 343-1 Advanced, SIPLUS NET CP 443-1, SIPLUS NET CP 443-1 Advanced, SITOP Manager, SITOP PSU8600, SITOP UPS1600 (incl. variantes SIPLUS), TIM 1531 IRC (incl. variantes SIPLUS NET). El servidor web de los dispositivos afectados contiene una vulnerabilidad que puede conducir a una condici\u00f3n de denegaci\u00f3n de servicio. Un atacante puede provocar una situaci\u00f3n de denegaci\u00f3n de servicio que lleve a reiniciar el servidor web del dispositivo afectado. La vulnerabilidad de seguridad podr\u00eda ser explotada por un atacante con acceso a la red de los sistemas afectados. La explotaci\u00f3n exitosa no requiere privilegios del sistema ni interacci\u00f3n del usuario. Un atacante podr\u00eda utilizar la vulnerabilidad para comprometer la disponibilidad del dispositivo"
    }
  ],
  "id": "CVE-2019-6568",
  "lastModified": "2024-11-21T04:46:42.773",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Secondary"
      }
    ]
  },
  "published": "2019-04-17T14:29:03.683",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
    },
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-480230.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-530931.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2024-09-10 10:15
Modified
2024-09-18 15:32
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications do not authenticated the creation of Ajax2App instances. This could allow an unauthenticated attacker to cause a denial of service condition.
Impacted products
Vendor Product Version
siemens simatic_rf360r_firmware *
siemens simatic_rf360r -
siemens simatic_rf1170r_firmware *
siemens simatic_rf1170r -
siemens simatic_rf1140r_firmware *
siemens simatic_rf1140r -
siemens simatic_reader_rf685r_fcc_firmware *
siemens simatic_reader_rf685r_fcc -
siemens simatic_reader_rf685r_etsi_firmware *
siemens simatic_reader_rf685r_etsi -
siemens simatic_reader_rf685r_cmiit_firmware *
siemens simatic_reader_rf685r_cmiit -
siemens simatic_reader_rf685r_arib_firmware *
siemens simatic_reader_rf685r_arib -
siemens simatic_reader_rf680r_fcc_firmware *
siemens simatic_reader_rf680r_fcc -
siemens simatic_reader_rf680r_etsi_firmware *
siemens simatic_reader_rf680r_etsi -
siemens simatic_reader_rf680r_cmiit_firmware *
siemens simatic_reader_rf680r_cmiit -
siemens simatic_reader_rf680r_arib_firmware *
siemens simatic_reader_rf680r_arib -
siemens simatic_reader_rf650r_fcc_firmware *
siemens simatic_reader_rf650r_fcc -
siemens simatic_reader_rf650r_etsi_firmware *
siemens simatic_reader_rf650r_etsi -
siemens simatic_reader_rf650r_cmiit_firmware *
siemens simatic_reader_rf650r_cmiit -
siemens simatic_reader_rf650r_arib_firmware *
siemens simatic_reader_rf650r_arib -
siemens simatic_reader_rf615r_fcc_firmware *
siemens simatic_reader_rf615r_fcc -
siemens simatic_reader_rf615r_etsi_firmware *
siemens simatic_reader_rf615r_etsi -
siemens simatic_reader_rf615r_cmiit_firmware *
siemens simatic_reader_rf615r_cmiit -
siemens simatic_reader_rf610r_fcc_firmware *
siemens simatic_reader_rf610r_fcc -
siemens simatic_reader_rf610r_etsi_firmware *
siemens simatic_reader_rf610r_etsi -
siemens simatic_reader_rf610r_cmiit_firmware *
siemens simatic_reader_rf610r_cmiit -
siemens simatic_rf188ci_firmware *
siemens simatic_rf188ci -
siemens simatic_rf188c_firmware *
siemens simatic_rf188c -
siemens simatic_rf186ci_firmware *
siemens simatic_rf186ci -
siemens simatic_rf186c_firmware *
siemens simatic_rf186c -
siemens simatic_rf185c_firmware *
siemens simatic_rf185c -
siemens simatic_rf166c_firmware *
siemens simatic_rf166c -



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8930F2B-7C37-4059-85FC-0316B631C860",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC216594-D56B-454D-BD2C-50631B8C8F9C",
              "versionEndExcluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD8AD128-F6E2-45BD-9098-EC559D193194",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11F4F714-F802-4D13-A965-0A22B80DA9D0",
              "versionEndExcluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EA20BB5-024E-4389-A0FE-C218E15D31A8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F61801B9-80FD-45EC-9A20-5C703CB8BE76",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F5073F-CAE9-4071-9C86-2B29FB529A49",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "058EDB3A-31B8-482F-B825-B0A7E192356E",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D00C8A81-53EB-425F-A730-AC7505285B73",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "62FC4D21-B225-4349-A8E8-68780CC465D1",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3C8FC67-825D-4E55-8341-E449EA98B6AD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E84B475-1FB7-4BF1-880B-8DB5137BB941",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFAA7370-1B78-4AF8-8358-830460A5E81C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "970B3705-6172-4C00-B402-30A7F23C5A08",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D5F6C3-3AC5-40F2-B755-130E24169AB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D261FBC-1E4C-4016-AD0E-F234EE36F09A",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08729226-19DB-410A-A764-B84E5213839D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5B465BD-D425-44C7-931C-E6DAABB79B67",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC372090-E9D1-4CB7-8CDC-8FA439764359",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28C49CB8-179A-47B7-9B04-FC214382B643",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70C73C18-EC1D-431A-808F-1C16706B7F26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "896E8488-0AB0-4C39-9729-1E42F4C28419",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "838474F2-85A2-4315-8F0C-B1AAC9B20373",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E525612D-8273-42FD-8DAD-D589ED61C9D6",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "130361E8-6979-492F-89A3-4EFFF8F5379F",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "557BB258-1B9D-457F-9573-85439950C361",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC98A393-C374-4411-94FE-9832CD8690ED",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C951AC92-DD7E-4C24-BC38-1D041D81691C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4C96D63-0711-48F8-ADE2-261FCF306049",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F85BC978-9C30-4484-B6D7-B7A4543EFDA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA5DA457-347E-4B6B-8003-882BD4D95D64",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B07B2FDF-E6A5-4E06-9328-01F311E85AF9",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84F1472B-A584-4712-BEF7-7B4BDE166CE2",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7DB4915-E989-4085-B201-C5CCC86AB924",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B280EE0D-F3F9-46E3-949F-109844428C35",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E86AC831-9FB9-4D17-AA06-E68C176F1A23",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A27B28F-A037-4730-A0DD-96BB568F4A58",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D48EE1B0-3010-44F2-AEF9-A3E35BD03971",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The affected applications do not authenticated the creation of Ajax2App instances. This could allow an unauthenticated attacker to cause a denial of service condition."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC RF1140R (6GT2831-6CB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF1170R (6GT2831-6BB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF166C (6GT2002-0EE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF185C (6GT2002-0JE10) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186C (6GT2002-0JE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186CI (6GT2002-0JE50) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188C (6GT2002-0JE40) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188CI (6GT2002-0JE60) (Todas las versiones \u0026lt; V2.2), SIMATIC RF360R (6GT2801-5BA30) (Todas las versiones \u0026lt; V2.2). Las aplicaciones afectadas no autentican la creaci\u00f3n de instancias de Ajax2App. Esto podr\u00eda permitir que un atacante no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2024-37993",
  "lastModified": "2024-09-18T15:32:26.037",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "automatable": "NOT_DEFINED",
          "availabilityRequirements": "NOT_DEFINED",
          "baseScore": 6.9,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirements": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirements": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "recovery": "NOT_DEFINED",
          "safety": "NOT_DEFINED",
          "subsequentSystemAvailability": "NONE",
          "subsequentSystemConfidentiality": "NONE",
          "subsequentSystemIntegrity": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "vulnerableSystemAvailability": "LOW",
          "vulnerableSystemConfidentiality": "NONE",
          "vulnerableSystemIntegrity": "NONE"
        },
        "source": "productcert@siemens.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-09-10T10:15:11.090",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-06-08 20:15
Modified
2024-11-21 06:05
Summary
A vulnerability has been identified in SIMATIC RF166C (All versions > V1.1 and < V1.3.2), SIMATIC RF185C (All versions > V1.1 and < V1.3.2), SIMATIC RF186C (All versions > V1.1 and < V1.3.2), SIMATIC RF186CI (All versions > V1.1 and < V1.3.2), SIMATIC RF188C (All versions > V1.1 and < V1.3.2), SIMATIC RF188CI (All versions > V1.1 and < V1.3.2), SIMATIC RF360R (All versions < V2.0), SIMATIC Reader RF610R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF610R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF610R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF615R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF615R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF615R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF650R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF650R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF650R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF680R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF680R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF680R FCC (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ARIB (All versions > V3.0 < V4.0), SIMATIC Reader RF685R CMIIT (All versions > V3.0 < V4.0), SIMATIC Reader RF685R ETSI (All versions > V3.0 < V4.0), SIMATIC Reader RF685R FCC (All versions > V3.0 < V4.0). Affected devices do not properly handle large numbers of incoming connections. An attacker may leverage this to cause a Denial-of-Service situation.
Impacted products
Vendor Product Version
siemens simatic_rf166c_firmware *
siemens simatic_rf166c -
siemens simatic_rf185c_firmware *
siemens simatic_rf185c -
siemens simatic_rf186c_firmware *
siemens simatic_rf186c -
siemens simatic_rf186ci_firmware *
siemens simatic_rf186ci -
siemens simatic_rf188c_firmware *
siemens simatic_rf188c -
siemens simatic_rf188ci_firmware *
siemens simatic_rf188ci -
siemens simatic_rf360r_firmware *
siemens simatic_rf360r -
siemens simatic_reader_rf610r_cmiit_firmware *
siemens simatic_reader_rf610r_cmiit -
siemens simatic_reader_rf610r_etsi_firmware *
siemens simatic_reader_rf610r_etsi -
siemens simatic_reader_rf610r_fcc_firmware *
siemens simatic_reader_rf610r_fcc -
siemens simatic_reader_rf615r_cmiit_firmware *
siemens simatic_reader_rf615r_cmiit -
siemens simatic_reader_rf615r_etsi_firmware *
siemens simatic_reader_rf615r_etsi -
siemens simatic_reader_rf615r_fcc_firmware *
siemens simatic_reader_rf615r_fcc -
siemens simatic_reader_rf650r_cmiit_firmware *
siemens simatic_reader_rf650r_cmiit -
siemens simatic_reader_rf650r_etsi_firmware *
siemens simatic_reader_rf650r_etsi -
siemens simatic_reader_rf650r_fcc_firmware *
siemens simatic_reader_rf650r_fcc -
siemens simatic_reader_rf650r_arib_firmware *
siemens simatic_reader_rf650r_arib -
siemens simatic_reader_rf680r_cmiit_firmware *
siemens simatic_reader_rf680r_cmiit -
siemens simatic_reader_rf680r_etsi_firmware *
siemens simatic_reader_rf680r_etsi -
siemens simatic_reader_rf680r_fcc_firmware *
siemens simatic_reader_rf680r_fcc -
siemens simatic_reader_rf680r_arib_firmware *
siemens simatic_reader_rf680r_arib -
siemens simatic_reader_rf685r_cmiit_firmware *
siemens simatic_reader_rf685r_cmiit -
siemens simatic_reader_rf685r_etsi_firmware *
siemens simatic_reader_rf685r_etsi -
siemens simatic_reader_rf685r_fcc_firmware *
siemens simatic_reader_rf685r_fcc -
siemens simatic_reader_rf685r_arib_firmware *
siemens simatic_reader_rf685r_arib -



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FAEBD5A-ED36-47C5-8DA5-9845F22EE58D",
              "versionEndExcluding": "1.3.2",
              "versionStartExcluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "82AED53B-754E-4486-B3C9-334CEAFFA51E",
              "versionEndExcluding": "1.3.2",
              "versionStartExcluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "625CC7AD-CC00-4D98-AB84-057EC715CAE0",
              "versionEndExcluding": "1.3.2",
              "versionStartExcluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F22922F9-A759-48DC-9474-1AF21B7E1BF1",
              "versionEndExcluding": "1.3.2",
              "versionStartExcluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "22EF569C-77BB-461B-A306-9939C4A40BD7",
              "versionEndExcluding": "1.3.2",
              "versionStartExcluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FFB4E7E-2C7C-42CD-A48B-C4D5AA29F5FB",
              "versionEndExcluding": "1.3.2",
              "versionStartExcluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4963ECC-C73C-4E0D-996B-200FA72457AE",
              "versionEndExcluding": "2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BF403B4-5CF2-400B-A478-ED6793C4B1AC",
              "versionEndExcluding": "4.0",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49053F22-7090-4F95-A22B-43AE63EA0861",
              "versionEndExcluding": "4.0",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C641A539-9150-4ACD-A048-D51B47BBE018",
              "versionEndExcluding": "4.0",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F85BC978-9C30-4484-B6D7-B7A4543EFDA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FCB4AEE-63F7-4D51-91B1-004ABA57B8D2",
              "versionEndExcluding": "4.0",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4C96D63-0711-48F8-ADE2-261FCF306049",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66C94341-A430-4E33-B04F-EC1902CA4931",
              "versionEndExcluding": "4.0",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C951AC92-DD7E-4C24-BC38-1D041D81691C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C72BD0C-B03C-4F53-854F-1075D8169425",
              "versionEndExcluding": "4.0",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "557BB258-1B9D-457F-9573-85439950C361",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CF3A61A-E125-4BE1-BC05-0F2144B738FD",
              "versionEndExcluding": "4.0",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "838474F2-85A2-4315-8F0C-B1AAC9B20373",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61CD6B66-2A64-45A8-A64E-D8377E7C8DE7",
              "versionEndExcluding": "4.0",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70C73C18-EC1D-431A-808F-1C16706B7F26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "52A14F72-1BFF-40F9-A0B4-C5465E041208",
              "versionEndExcluding": "4.0",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "85FCC663-C190-4F0A-BD69-4E2F44A1EED5",
              "versionEndExcluding": "4.0",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E645BE68-DB7B-48AC-8A51-CE576B902711",
              "versionEndExcluding": "4.0",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6371B9FA-0137-4E3E-B32C-F56DD083F6E3",
              "versionEndExcluding": "4.0",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08729226-19DB-410A-A764-B84E5213839D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD90CE56-9B4E-4293-9C46-1FF1348FF6BF",
              "versionEndExcluding": "4.0",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D5F6C3-3AC5-40F2-B755-130E24169AB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC2CC054-6101-450F-A063-7B51BC021A24",
              "versionEndExcluding": "4.0",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC372090-E9D1-4CB7-8CDC-8FA439764359",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F33F00E-48FC-4961-9BEA-C336B1238DAB",
              "versionEndExcluding": "4.0",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3C8FC67-825D-4E55-8341-E449EA98B6AD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF0A163-D7D9-4326-8695-DC8E735F908E",
              "versionEndExcluding": "4.0",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D00C8A81-53EB-425F-A730-AC7505285B73",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3C40DE2-564E-4D08-A747-50B64D47C08A",
              "versionEndExcluding": "4.0",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F5073F-CAE9-4071-9C86-2B29FB529A49",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3A8411B-EB2C-422C-BA70-ACF9ABF57F59",
              "versionEndExcluding": "4.0",
              "versionStartIncluding": "3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFAA7370-1B78-4AF8-8358-830460A5E81C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC RF166C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF185C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF186C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF186CI (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF188C (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF188CI (All versions \u003e V1.1 and \u003c V1.3.2), SIMATIC RF360R (All versions \u003c V2.0), SIMATIC Reader RF610R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF610R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF610R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF615R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF615R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF615R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R ARIB (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF650R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R ARIB (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF680R FCC (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R ARIB (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R CMIIT (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R ETSI (All versions \u003e V3.0 \u003c V4.0), SIMATIC Reader RF685R FCC (All versions \u003e V3.0 \u003c V4.0). Affected devices do not properly handle large numbers of incoming connections. An attacker may leverage this to cause a Denial-of-Service situation."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC RF166C (Todas las versiones posteriores a V1.1 y y anteriores a V1.3.2), SIMATIC RF185C (Todas las versiones posteriores a V1.1 y y anteriores a V1.3.2), SIMATIC RF186C (Todas las versiones posteriores a V1. 1 y y anteriores a V1.3.2), SIMATIC RF186CI (Todas las versiones posteriores a V1.1 y y anteriores a V1.3.2), SIMATIC RF188C (Todas las versiones posteriores a V1.1 y y anteriores a V1.3.2), SIMATIC RF188CI (Todas las versiones posteriores a V1.1 y y anteriores a V1.3. 2), SIMATIC RF360R (Todas las versiones y anteriores a V2.0), SIMATIC Reader RF610R CMIIT (Todas las versiones posteriores a V3.0 y anteriores a V4.0), SIMATIC Reader RF610R ETSI (Todas las versiones posteriores a V3.0 y anteriores a V4.0), SIMATIC Reader RF610R FCC (Todas las versiones posteriores a V3. 0 y anteriores a V4.0), Lector SIMATIC RF615R CMIIT (Todas las versiones posteriores a V3.0 y anteriores a V4.0), Lector SIMATIC RF615R ETSI (Todas las versiones posteriores a V3.0 y anteriores a V4.0), Lector SIMATIC RF615R FCC (Todas las versiones posteriores a V3. 0 y anteriores a V4.0), Lector SIMATIC RF650R ARIB (Todas las versiones posteriores a V3.0 y anteriores a V4.0), Lector SIMATIC RF650R CMIIT (Todas las versiones posteriores a V3.0 y anteriores a V4.0), Lector SIMATIC RF650R ETSI (Todas las versiones posteriores a V3. 0 y anteriores a V4.0), Lector SIMATIC RF650R FCC (Todas las versiones posteriores a V3.0 y anteriores a V4.0), Lector SIMATIC RF680R ARIB (Todas las versiones posteriores a V3.0 y anteriores a V4.0), Lector SIMATIC RF680R CMIIT (Todas las versiones posteriores a V3.0 y anteriores a V4. 0), SIMATIC Reader RF680R ETSI (Todas las versiones posteriores a V3.0 y anteriores a V4.0), SIMATIC Reader RF680R FCC (Todas las versiones posteriores a V3.0 y anteriores a V4.0), SIMATIC Reader RF685R ARIB (Todas las versiones posteriores a V3.0 y anteriores a V4. 0), SIMATIC Reader RF685R CMIIT (Todas las versiones posteriores a V3.0 y anteriores a V4.0), SIMATIC Reader RF685R ETSI (Todas las versiones posteriores a V3.0 y anteriores a V4.0), SIMATIC Reader RF685R FCC (Todas las versiones posteriores a V3.0 y anteriores a V4.0). Los dispositivos afectados no manejan adecuadamente un gran n\u00famero de conexiones entrantes. Un atacante puede aprovechar esto para provocar una situaci\u00f3n de denegaci\u00f3n de servicio"
    }
  ],
  "id": "CVE-2021-31340",
  "lastModified": "2024-11-21T06:05:27.063",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-06-08T20:15:08.853",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Mitigation",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-787292.pdf"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-03-25 15:15
Modified
2024-11-21 06:21
Summary
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
References
openssl-security@openssl.orghttp://www.openwall.com/lists/oss-security/2021/03/27/1Mailing List, Third Party Advisory
openssl-security@openssl.orghttp://www.openwall.com/lists/oss-security/2021/03/27/2Mailing List, Third Party Advisory
openssl-security@openssl.orghttp://www.openwall.com/lists/oss-security/2021/03/28/3Mailing List, Third Party Advisory
openssl-security@openssl.orghttp://www.openwall.com/lists/oss-security/2021/03/28/4Mailing List, Third Party Advisory
openssl-security@openssl.orghttps://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdfThird Party Advisory
openssl-security@openssl.orghttps://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdfPatch, Third Party Advisory
openssl-security@openssl.orghttps://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148
openssl-security@openssl.orghttps://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845Third Party Advisory
openssl-security@openssl.orghttps://kc.mcafee.com/corporate/index?page=content&id=SB10356Third Party Advisory
openssl-security@openssl.orghttps://lists.debian.org/debian-lts-announce/2021/08/msg00029.htmlMailing List, Third Party Advisory
openssl-security@openssl.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/
openssl-security@openssl.orghttps://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013Third Party Advisory
openssl-security@openssl.orghttps://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.ascThird Party Advisory
openssl-security@openssl.orghttps://security.gentoo.org/glsa/202103-03Third Party Advisory
openssl-security@openssl.orghttps://security.netapp.com/advisory/ntap-20210326-0006/Third Party Advisory
openssl-security@openssl.orghttps://security.netapp.com/advisory/ntap-20210513-0002/Third Party Advisory
openssl-security@openssl.orghttps://security.netapp.com/advisory/ntap-20240621-0006/
openssl-security@openssl.orghttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJdThird Party Advisory
openssl-security@openssl.orghttps://www.debian.org/security/2021/dsa-4875Third Party Advisory
openssl-security@openssl.orghttps://www.openssl.org/news/secadv/20210325.txtVendor Advisory
openssl-security@openssl.orghttps://www.oracle.com//security-alerts/cpujul2021.htmlPatch, Third Party Advisory
openssl-security@openssl.orghttps://www.oracle.com/security-alerts/cpuApr2021.htmlPatch, Third Party Advisory
openssl-security@openssl.orghttps://www.oracle.com/security-alerts/cpuapr2022.htmlPatch, Third Party Advisory
openssl-security@openssl.orghttps://www.oracle.com/security-alerts/cpujul2022.htmlThird Party Advisory
openssl-security@openssl.orghttps://www.oracle.com/security-alerts/cpuoct2021.htmlThird Party Advisory
openssl-security@openssl.orghttps://www.tenable.com/security/tns-2021-05Third Party Advisory
openssl-security@openssl.orghttps://www.tenable.com/security/tns-2021-06Third Party Advisory
openssl-security@openssl.orghttps://www.tenable.com/security/tns-2021-09Third Party Advisory
openssl-security@openssl.orghttps://www.tenable.com/security/tns-2021-10Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2021/03/27/1Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2021/03/27/2Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2021/03/28/3Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2021/03/28/4Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdfThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdfPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148
af854a3a-2127-422b-91ae-364da2661108https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://kc.mcafee.com/corporate/index?page=content&id=SB10356Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2021/08/msg00029.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/
af854a3a-2127-422b-91ae-364da2661108https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.ascThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/202103-03Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20210326-0006/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20210513-0002/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20240621-0006/
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJdThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2021/dsa-4875Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.openssl.org/news/secadv/20210325.txtVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com//security-alerts/cpujul2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuApr2021.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuapr2022.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpujul2022.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuoct2021.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.tenable.com/security/tns-2021-05Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.tenable.com/security/tns-2021-06Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.tenable.com/security/tns-2021-09Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.tenable.com/security/tns-2021-10Third Party Advisory
Impacted products
Vendor Product Version
openssl openssl *
debian debian_linux 9.0
debian debian_linux 10.0
freebsd freebsd 12.2
freebsd freebsd 12.2
freebsd freebsd 12.2
netapp active_iq_unified_manager -
netapp cloud_volumes_ontap_mediator -
netapp e-series_performance_analyzer -
netapp oncommand_insight -
netapp oncommand_workflow_automation -
netapp ontap_select_deploy_administration_utility -
netapp santricity_smi-s_provider -
netapp snapcenter -
netapp storagegrid -
tenable log_correlation_engine *
tenable nessus *
tenable nessus_network_monitor 5.11.0
tenable nessus_network_monitor 5.11.1
tenable nessus_network_monitor 5.12.0
tenable nessus_network_monitor 5.12.1
tenable nessus_network_monitor 5.13.0
tenable tenable.sc *
fedoraproject fedora 34
mcafee web_gateway 8.2.19
mcafee web_gateway 9.2.10
mcafee web_gateway 10.1.1
mcafee web_gateway_cloud_service 8.2.19
mcafee web_gateway_cloud_service 9.2.10
mcafee web_gateway_cloud_service 10.1.1
checkpoint quantum_security_management_firmware r80.40
checkpoint quantum_security_management_firmware r81
checkpoint quantum_security_management -
checkpoint multi-domain_management_firmware r80.40
checkpoint multi-domain_management_firmware r81
checkpoint multi-domain_management -
checkpoint quantum_security_gateway_firmware r80.40
checkpoint quantum_security_gateway_firmware r81
checkpoint quantum_security_gateway -
oracle communications_communications_policy_management 12.6.0.0.0
oracle enterprise_manager_for_storage_management 13.4.0.0
oracle essbase 21.2
oracle graalvm 19.3.5
oracle graalvm 20.3.1.2
oracle graalvm 21.0.0.2
oracle jd_edwards_enterpriseone_tools *
oracle jd_edwards_world_security a9.4
oracle mysql_connectors *
oracle mysql_server *
oracle mysql_server *
oracle mysql_workbench *
oracle peoplesoft_enterprise_peopletools 8.57
oracle peoplesoft_enterprise_peopletools 8.58
oracle peoplesoft_enterprise_peopletools 8.59
oracle primavera_unifier *
oracle primavera_unifier 19.12
oracle primavera_unifier 20.12
oracle primavera_unifier 21.12
oracle secure_backup *
oracle secure_global_desktop 5.6
oracle zfs_storage_appliance_kit 8.8
sonicwall sma100_firmware *
sonicwall sma100 -
sonicwall capture_client 3.5
sonicwall sonicos 7.0.1.0
siemens ruggedcom_rcm1224_firmware *
siemens ruggedcom_rcm1224 -
siemens scalance_lpe9403_firmware *
siemens scalance_lpe9403 -
siemens scalance_m-800_firmware *
siemens scalance_m-800 -
siemens scalance_s602_firmware *
siemens scalance_s602 -
siemens scalance_s612_firmware *
siemens scalance_s612 -
siemens scalance_s615_firmware *
siemens scalance_s615 -
siemens scalance_s623_firmware *
siemens scalance_s623 -
siemens scalance_s627-2m_firmware *
siemens scalance_s627-2m -
siemens scalance_sc-600_firmware *
siemens scalance_sc-600 -
siemens scalance_w700_firmware *
siemens scalance_w700 -
siemens scalance_w1700_firmware *
siemens scalance_w1700 -
siemens scalance_xb-200_firmware *
siemens scalance_xb-200 -
siemens scalance_xc-200_firmware *
siemens scalance_xc-200 -
siemens scalance_xf-200ba_firmware *
siemens scalance_xf-200ba -
siemens scalance_xm-400_firmware *
siemens scalance_xm-400 -
siemens scalance_xp-200_firmware *
siemens scalance_xp-200 -
siemens scalance_xr-300wg_firmware *
siemens scalance_xr-300wg -
siemens scalance_xr524-8c_firmware *
siemens scalance_xr524-8c -
siemens scalance_xr526-8c_firmware *
siemens scalance_xr526-8c -
siemens scalance_xr528-6m_firmware *
siemens scalance_xr528-6m -
siemens scalance_xr552-12_firmware *
siemens scalance_xr552-12 -
siemens simatic_cloud_connect_7_firmware *
siemens simatic_cloud_connect_7_firmware -
siemens simatic_cloud_connect_7 -
siemens simatic_cp_1242-7_gprs_v2_firmware *
siemens simatic_cp_1242-7_gprs_v2_firmware -
siemens simatic_cp_1242-7_gprs_v2 -
siemens simatic_hmi_basic_panels_2nd_generation_firmware *
siemens simatic_hmi_basic_panels_2nd_generation -
siemens simatic_hmi_comfort_outdoor_panels_firmware *
siemens simatic_hmi_comfort_outdoor_panels -
siemens simatic_hmi_ktp_mobile_panels_firmware *
siemens simatic_hmi_ktp_mobile_panels -
siemens simatic_mv500_firmware *
siemens simatic_mv500 -
siemens simatic_net_cp_1243-1_firmware *
siemens simatic_net_cp_1243-1 -
siemens simatic_net_cp1243-7_lte_eu_firmware *
siemens simatic_net_cp1243-7_lte_eu -
siemens simatic_net_cp1243-7_lte_us_firmware *
siemens simatic_net_cp1243-7_lte_us -
siemens simatic_net_cp_1243-8_irc_firmware *
siemens simatic_net_cp_1243-8_irc -
siemens simatic_net_cp_1542sp-1_irc_firmware *
siemens simatic_net_cp_1542sp-1_irc -
siemens simatic_net_cp_1543-1_firmware *
siemens simatic_net_cp_1543-1 -
siemens simatic_net_cp_1543sp-1_firmware *
siemens simatic_net_cp_1543sp-1 -
siemens simatic_net_cp_1545-1_firmware *
siemens simatic_net_cp_1545-1 -
siemens simatic_pcs_7_telecontrol_firmware *
siemens simatic_pcs_7_telecontrol -
siemens simatic_pcs_neo_firmware *
siemens simatic_pcs_neo -
siemens simatic_pdm_firmware *
siemens simatic_pdm -
siemens simatic_process_historian_opc_ua_server_firmware *
siemens simatic_process_historian_opc_ua_server -
siemens simatic_rf166c_firmware *
siemens simatic_rf166c -
siemens simatic_rf185c_firmware *
siemens simatic_rf185c -
siemens simatic_rf186c_firmware *
siemens simatic_rf186c -
siemens simatic_rf186ci_firmware *
siemens simatic_rf186ci -
siemens simatic_rf188c_firmware *
siemens simatic_rf188c -
siemens simatic_rf188ci_firmware *
siemens simatic_rf188ci -
siemens simatic_rf360r_firmware *
siemens simatic_rf360r -
siemens simatic_s7-1200_cpu_1211c_firmware *
siemens simatic_s7-1200_cpu_1211c -
siemens simatic_s7-1200_cpu_1212c_firmware *
siemens simatic_s7-1200_cpu_1212c -
siemens simatic_s7-1200_cpu_1212fc_firmware *
siemens simatic_s7-1200_cpu_1212fc -
siemens simatic_s7-1200_cpu_1214_fc_firmware *
siemens simatic_s7-1200_cpu_1214_fc -
siemens simatic_s7-1200_cpu_1214c_firmware *
siemens simatic_s7-1200_cpu_1214c -
siemens simatic_s7-1200_cpu_1214_fc_firmware *
siemens simatic_s7-1200_cpu_1214_fc -
siemens simatic_s7-1200_cpu_1215_fc_firmware *
siemens simatic_s7-1200_cpu_1215_fc -
siemens simatic_s7-1200_cpu_1215c_firmware *
siemens simatic_s7-1200_cpu_1215c -
siemens simatic_s7-1200_cpu_1217c_firmware *
siemens simatic_s7-1200_cpu_1217c -
siemens simatic_s7-1500_cpu_1518-4_pn\/dp_mfp_firmware *
siemens simatic_s7-1500_cpu_1518-4_pn\/dp_mfp -
siemens sinamics_connect_300_firmware *
siemens sinamics_connect_300 -
siemens tim_1531_irc_firmware *
siemens tim_1531_irc -
siemens simatic_logon *
siemens simatic_logon 1.5
siemens simatic_wincc_runtime_advanced *
siemens simatic_wincc_telecontrol -
siemens sinec_nms 1.0
siemens sinec_nms 1.0
siemens sinec_pni -
siemens sinema_server 14.0
siemens sinema_server 14.0
siemens sinema_server 14.0
siemens sinema_server 14.0
siemens sinema_server 14.0
siemens sinumerik_opc_ua_server *
siemens tia_administrator *
siemens sinec_infrastructure_network_services *
nodejs node.js *
nodejs node.js *
nodejs node.js *
nodejs node.js *
nodejs node.js *
nodejs node.js *
nodejs node.js *



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B213E696-A6D9-45E7-B4E4-E4CFE54ECEB8",
              "versionEndExcluding": "1.1.1k",
              "versionStartIncluding": "1.1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:12.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "73D9C08B-8F5B-40C4-A5BD-B00D2E4C012D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:12.2:p1:*:*:*:*:*:*",
              "matchCriteriaId": "62A178A3-6A52-4981-9A27-FB07AD8AF778",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:12.2:p2:*:*:*:*:*:*",
              "matchCriteriaId": "54A487B1-E5CE-4C76-87E8-518D24C5D86D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
              "matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:cloud_volumes_ontap_mediator:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "280AA828-6FA9-4260-8EC1-019423B966E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24B8DB06-590A-4008-B0AB-FCD1401C77C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "361B791A-D336-4431-8F68-8135BEFFAEA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8ADFF451-740F-4DBA-BD23-3881945D3E40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4ACF85D6-6B45-43DA-9C01-F0208186F014",
              "versionEndExcluding": "6.0.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AC12300-9051-4C70-9941-9FE5E64B4B30",
              "versionEndIncluding": "8.13.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tenable:nessus_network_monitor:5.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "657682A0-54D5-4DC6-A98E-8BAF685926C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tenable:nessus_network_monitor:5.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FC5C76C-3474-4B26-8CF0-2DFAFA3D5458",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tenable:nessus_network_monitor:5.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8661D361-71B5-4C41-A818-C89EC551D900",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tenable:nessus_network_monitor:5.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "253603DC-2D92-442A-B3A8-A63E14D8A070",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tenable:nessus_network_monitor:5.13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E112CFF-31F9-4D87-9A1B-AE0FCF69615E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC1721B5-9FCD-47C3-8338-E02932CF2C05",
              "versionEndIncluding": "5.17.0",
              "versionStartIncluding": "5.13.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
              "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mcafee:web_gateway:8.2.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEA7F1FD-9FAB-4654-98B0-4588EEC8B69A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mcafee:web_gateway:9.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "868B2C4B-CE6B-41DA-A373-7D4FA51EFE9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mcafee:web_gateway:10.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "550F47A2-3393-481E-BC40-CE606BFA8776",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mcafee:web_gateway_cloud_service:8.2.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "43392D27-6C07-41C7-A17F-10C433338CE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mcafee:web_gateway_cloud_service:9.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FBF6C4C-195F-49A7-861D-52677D9BE58D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mcafee:web_gateway_cloud_service:10.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "90732D53-E802-4E1B-B6C8-B1FDCE7905A4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:checkpoint:quantum_security_management_firmware:r80.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A98B128A-C58E-48EC-B691-AF73126A0822",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:checkpoint:quantum_security_management_firmware:r81:*:*:*:*:*:*:*",
              "matchCriteriaId": "345B990F-C1C4-440B-804E-0A2882FE7C01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:checkpoint:quantum_security_management:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08601413-25E2-4977-B67A-C11A9D788EA8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:checkpoint:multi-domain_management_firmware:r80.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFC067CC-EB90-43F5-9674-089D5C611573",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:checkpoint:multi-domain_management_firmware:r81:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B223A7-1039-445D-ABE1-5E481004D956",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:checkpoint:multi-domain_management:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1584E1B4-412C-40E2-BF07-4E464692F2AE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r80.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0002A29-8B42-445D-9EC4-58BC93194241",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r81:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B0EDB21-9305-4601-AB96-A77BD00F311D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:checkpoint:quantum_security_gateway:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9016DDF6-285C-4E64-88D0-29ECCEF048F8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:communications_communications_policy_management:12.6.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "570DB369-A31B-4108-A7FD-09F674129603",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:enterprise_manager_for_storage_management:13.4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "61516569-C48F-4362-B334-8CA10EDB0EC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:essbase:21.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "394A16F2-CCD4-44E5-BF6B-E0C782A9FA38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:graalvm:19.3.5:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "058C7C4B-D692-49DE-924A-C2725A8162D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:graalvm:20.3.1.2:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "0F0434A5-F2A1-4973-917C-A95F2ABE97D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:graalvm:21.0.0.2:*:*:*:enterprise:*:*:*",
              "matchCriteriaId": "96DD93E0-274E-4C36-99F3-EEF085E57655",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86305E47-33E9-411C-B932-08C395C09982",
              "versionEndExcluding": "9.2.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B1CAD50-749F-4ADB-A046-BF3585677A58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8782A14-89B0-45EE-A5CB-FF715F5BA379",
              "versionEndIncluding": "8.0.23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C40ECC8-933B-47A4-8082-FCF0EF9C973E",
              "versionEndIncluding": "5.7.33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32714AD7-BCD1-4624-9923-5E6D927CF3CB",
              "versionEndIncluding": "8.0.23",
              "versionStartIncluding": "8.0.15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1A94E1-A6C6-488D-A74C-6C0B24637272",
              "versionEndIncluding": "8.0.23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E1E416B-920B-49A0-9523-382898C2979D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8AF00C6-B97F-414D-A8DF-057E6BFD8597",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "08FA59A8-6A62-4B33-8952-D6E658F8DAC9",
              "versionEndIncluding": "17.12",
              "versionStartIncluding": "17.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "10864586-270E-4ACF-BDCC-ECFCD299305F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "38340E3C-C452-4370-86D4-355B6B4E0A06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9C55C69-E22E-4B80-9371-5CD821D79FE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C01E8B82-71C7-4A4A-A70A-7B147524AB4A",
              "versionEndExcluding": "18.1.0.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:secure_global_desktop:5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DA11710-9EA8-49B4-8FD1-3AEE442F6ADC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sonicwall:sma100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E8B6D50-D482-43E9-A20D-FA77FD59AE2D",
              "versionEndExcluding": "10.2.1.0-17sv",
              "versionStartIncluding": "10.2.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sonicwall:sma100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4A2B7B-40F5-4AE0-ACC7-E94B82435DBA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sonicwall:capture_client:3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "349EB4AE-65E3-42DC-8F9C-3A1A155324D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sonicwall:sonicos:7.0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BD8688A-2D55-4A7E-A143-1BD0FCF957B0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:ruggedcom_rcm1224_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5081E52B-E7C0-46BD-B1D0-2C70ABCC8831",
              "versionStartIncluding": "6.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:ruggedcom_rcm1224:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3747CDD7-E833-4B68-A362-77D6A2E9D888",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_lpe9403_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "058D21EA-E94C-4DDC-AD92-967DAC934457",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_lpe9403:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52A77C9D-E59C-4397-B834-797D7B334A6B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "424CD8EA-D8CB-40C7-8E0F-AC4B05C59C99",
              "versionStartIncluding": "6.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFB9921A-5204-40A3-88AB-B7755F5C6875",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s602_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "858B6A84-5D0E-4E23-AE32-A45B51BAC8CF",
              "versionStartIncluding": "4.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s602:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4D89D82-C2CE-44DC-A05B-B956F20BF4E3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s612_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D173626B-9C50-489F-8BA4-1C45E5F96526",
              "versionStartIncluding": "4.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s612:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA7B48D2-0D17-420D-AAE1-35E5C0BE2924",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E967F5FC-6F3E-4982-8813-CA1DAF3BE165",
              "versionStartIncluding": "6.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E917CBBB-EF41-4113-B0CA-EB91889235E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s623_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F315D8-0B26-4442-B330-85124017A482",
              "versionStartIncluding": "4.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s623:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F80D9A79-7984-462B-B4B9-6A4429422038",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_s627-2m_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F20F735-7A70-4A24-9621-786F99C8F87D",
              "versionStartIncluding": "4.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_s627-2m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B51B40F8-71D2-4D2D-8EC2-CE154A6D7533",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_sc-600_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "973B8030-B630-4D67-B897-25A359A96185",
              "versionStartIncluding": "2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_sc-600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "725C671B-D7A0-48CF-8A31-5F9C4173F1DD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_w700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86EA8E3F-81BD-47BC-9834-A9B69CA7E70C",
              "versionStartIncluding": "6.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_w700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3033B1E-57A6-4AE3-A861-7047CF8EAD79",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_w1700_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE116AD9-B55F-41C8-8B55-329809DB63E1",
              "versionStartIncluding": "2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_w1700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D9A73DD-4A21-4096-B4B6-A0A825E71006",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "144CDF5E-7E07-428B-B4DF-C94992B3A44A",
              "versionEndExcluding": "4.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CB3CC2D-CBF0-4F53-A412-01BBC39E34C2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "339FFBDF-6957-481F-84CE-878B5CAAD9C8",
              "versionEndExcluding": "4.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7719E194-EE3D-4CE8-8C85-CF0D82A553AA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FBB13D3-4E04-4D01-B880-C16C4FFA240B",
              "versionEndExcluding": "4.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58377C58-F660-4C17-A3CB-BFC2F28848CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xm-400_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E40058B3-3726-4F6A-AB41-7679487639F2",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xm-400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "798E900F-5EF9-4B39-B8C2-79FAE659E7F5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E642D10-E701-44DF-863B-D0DAA5530F50",
              "versionEndExcluding": "4.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F962FC7-0616-467F-8CCA-ADEA224B5F7B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A53C2B5-A3FD-44CC-A78B-D2124EF37DB4",
              "versionEndExcluding": "4.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "434BC9BE-C5DB-4DAF-8E07-DFE4EEA0D7FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xr524-8c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54FBE4D4-F31E-4B61-9216-44C8EC2988AB",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xr524-8c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0E6B7D8-3F9E-43D6-AEFE-DEE3993679C5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xr526-8c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20511D61-FC1D-453E-BDF6-D3FB9951192A",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xr526-8c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67661569-6233-4C74-9C72-88BD14B257FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xr528-6m_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "640AC619-B516-46FC-821B-09C4542A3FD6",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xr528-6m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E048C4A-A414-4C87-A865-4D4218AE32EE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:scalance_xr552-12_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FB979DB-731B-4693-A9F8-B11ED953717C",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:scalance_xr552-12:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09743616-31C9-4E47-8A4A-B15D76204BE7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_cloud_connect_7_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "886D2FE6-B054-4E3B-BACB-F08C0A119A80",
              "versionStartIncluding": "1.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_cloud_connect_7_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B185B70-CAC9-47AC-8639-7A4707C21540",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_cloud_connect_7:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FA78457-260C-467B-9785-04B3C8EDF3B3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_cp_1242-7_gprs_v2_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABEA3BEE-E7AF-4C9A-ADE4-CE7FC1DB7639",
              "versionStartIncluding": "3.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:siemens:simatic_cp_1242-7_gprs_v2_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "049460B8-6186-44F9-B41F-284A2EC0B3B4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_cp_1242-7_gprs_v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "205482DA-548C-4757-91F0-1599438873BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_basic_panels_2nd_generation_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45208694-635A-42AC-B668-8B67C60568B8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_basic_panels_2nd_generation:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8F8BCE-35CE-492A-8BFE-2C36EA51CE5C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4C147D9-4649-4289-B18B-55BD6E33521A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4830E0D-0128-4E5B-AB81-2B238471AE4B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54EFA8B5-8DA1-4547-9E15-BDC265C56006",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1CEB200-E38F-4629-9279-5AF065396678",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_mv500_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE4FA1E6-4C5A-4CDC-AD40-E384C0BCA90D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_mv500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93A5B50E-0316-4189-8F41-54732CFCF63F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_1243-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D254DA1D-C53E-426B-9C69-580CC47CF0AA",
              "versionStartIncluding": "3.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_1243-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65278BA0-3C81-4D81-9801-D7BE3A1D7680",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp1243-7_lte_eu_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C06A02ED-0BA3-4A2C-AF0C-689B8AEB34B8",
              "versionStartIncluding": "3.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp1243-7_lte_eu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "209C7B1E-10F6-4215-AF69-CC36192E0FCE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp1243-7_lte_us_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF8C00EE-1154-440C-A223-A2CE99CE3126",
              "versionStartIncluding": "3.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp1243-7_lte_us:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "171A9543-E677-422F-8AEA-1BC2D0E53593",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_1243-8_irc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB201DD3-8890-453E-A11E-1E13B3DAB3F9",
              "versionStartIncluding": "3.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_1243-8_irc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "350FD323-C876-4C7A-A2E7-4B0660C87F6C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61E498B1-87FF-454B-8DF0-61D0D3208491",
              "versionStartIncluding": "2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_1542sp-1_irc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1EE2F10-A7A6-486F-AE5C-53AE25BAF200",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90FB801F-11B5-438C-98A1-E928BFEA2ADB",
              "versionEndExcluding": "3.0",
              "versionStartIncluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_1543-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F56C2BDC-928E-491A-8E7C-F976B3787C7A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4BA1E6-64F7-4B96-8302-134057DAB1BE",
              "versionStartIncluding": "2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_1543sp-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "783B50B8-2FB7-4982-88AA-B4F2AD094796",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_1545-1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DCA9544-DD17-4F56-B34C-91A3F37154AF",
              "versionStartIncluding": "1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_1545-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1256EB4B-DD8A-4F99-AE69-F74E8F789C63",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_pcs_7_telecontrol_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C25165E-EDE9-42F1-A3B9-0E47630D49CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_pcs_7_telecontrol:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BF281FB-26E0-43E4-A2B6-4015661368AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_pcs_neo_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEACFC9-41B7-4EE0-9427-692363880326",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_pcs_neo:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF3CA343-CA2A-4593-930C-158612CE7A55",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_pdm_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E9AE23E-7DAE-4191-BA4E-A7CD655C4BC8",
              "versionStartIncluding": "9.1.0.7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_pdm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E092B735-42D5-48D5-947B-288C0FA2E180",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_process_historian_opc_ua_server_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D874D636-392A-4750-B976-F411DBCEBA8D",
              "versionStartIncluding": "2019",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_process_historian_opc_ua_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "14EC9343-7778-40B0-A74D-5C156FF2A229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "968FBB4E-5B0B-43D4-B3AD-418028093990",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5212F097-B65A-4D73-BB6F-49687F8AD980",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D806113B-57EB-4AA0-9D5E-12E30337A93B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53FA50A7-2DF6-454E-8A8E-838C392AB417",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F3D41E9-58B3-4251-8710-A8C4A24ABBD3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC628CB7-0816-4267-9C5D-954BD0233D2E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "88E64167-16AA-48D7-BCDC-B15D37FA666D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1211c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "47F1294A-1C26-4D43-9C53-D833F2510536",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1211c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3871C0C9-C65E-4E0B-9CA8-75E60066297F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1212c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AF60081-D534-44F5-972F-23257F16F372",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1212c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07849777-92E7-41D2-9128-F8D20DE15391",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1212fc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEF1726E-B56F-4D39-AFF4-E79A3CA00DE6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1212fc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68B3573B-A31E-4489-B2DD-B01B5C1D03CB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214_fc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CC4A9F7-9858-4F95-8097-F8D09DA61314",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214_fc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B640800C-9263-4BEA-9DA5-1323932540BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4948734A-0AAD-4D28-B7FF-FFBBB9AA39C6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE17584A-BF7A-48B8-A9CB-477663766C63",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214_fc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CC4A9F7-9858-4F95-8097-F8D09DA61314",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214_fc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B640800C-9263-4BEA-9DA5-1323932540BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1215_fc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EE37798-B068-40E5-BC03-1D8D303E5926",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215_fc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C7D55C-8D99-4E2F-A254-1BDE2B12A203",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1215c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E0C491C-5C4A-4F1C-ABD4-9502A54AAA78",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC4698CF-F935-4707-BA91-7E3650C7956C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1217c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7657063-1296-4734-B108-A2FF7A01B07F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1217c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "232279DE-CF1C-4A3C-886D-B4CE3F104F09",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518-4_pn\\/dp_mfp_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C477CCD-06C7-4907-8B0C-4FCE7F6DADAD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn\\/dp_mfp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BC4FA01-8DDB-41E4-B759-7B504F78AEBC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:sinamics_connect_300_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3360ACCE-E735-4E34-B278-0D4460E74CBF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:sinamics_connect_300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B854F5B-78C7-41FE-9364-5E71B36342A3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:tim_1531_irc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2B20D95-C4B3-4D13-A3D8-F22AC42DC059",
              "versionEndExcluding": "2.2",
              "versionStartIncluding": "2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1D94BEB-BBFB-4258-9835-87DBBB999239",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:simatic_logon:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6F24E40-F3F0-48F3-B3DC-5F98B0564F7A",
              "versionStartIncluding": "1.6.0.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_logon:1.5:sp3_update_1:*:*:*:*:*:*",
              "matchCriteriaId": "423359E5-9C36-4C6B-AB24-B030E6C61D53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "79EE15DC-74D3-4551-AAD0-EA0CB600DA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:simatic_wincc_telecontrol:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3169FD3-CBA2-417C-95EF-4F8AE9FAB5AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinec_nms:1.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "4ED13FC8-63C0-42C6-A51C-C480C45327C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinec_nms:1.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "E68FE047-8F53-46B8-82D4-9342B1C8CA55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinec_pni:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1353DC31-FB12-427A-B1B2-9164A4BEE14B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinema_server:14.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "B0A5CC25-A323-4D49-8989-5A417D12D646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinema_server:14.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "A690BCD3-6497-43F7-8A51-E033B9121DC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinema_server:14.0:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "AA375D44-ECC5-4BD3-A3D5-6D2AA68782D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinema_server:14.0:sp2_update1:*:*:*:*:*:*",
              "matchCriteriaId": "6CD26C73-B61F-424B-91C2-352E2CAE6666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinema_server:14.0:sp2_update2:*:*:*:*:*:*",
              "matchCriteriaId": "DB4EA15F-ECA4-477F-948F-490FC90BC66A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:sinumerik_opc_ua_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABA14E65-214C-431D-A49A-D8FC142D4541",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:siemens:tia_administrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "915B09CB-CA0A-445B-89D3-16AE9B08858E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0F46497-4AB0-49A7-9453-CC26837BF253",
              "versionEndExcluding": "1.0.1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
              "matchCriteriaId": "25A3180B-21AF-4010-9DAB-41ADFD2D8031",
              "versionEndIncluding": "10.12.0",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
              "matchCriteriaId": "43B199B4-D89C-483D-ACAE-6CB2A59EE67C",
              "versionEndIncluding": "10.24.0",
              "versionStartIncluding": "10.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
              "matchCriteriaId": "564ED5C8-50D7-413A-B88E-E62B6C07336A",
              "versionEndIncluding": "12.12.0",
              "versionStartIncluding": "12.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
              "matchCriteriaId": "3DEBF7C8-B000-47B9-B597-DC440F2603B3",
              "versionEndExcluding": "12.22.1",
              "versionStartIncluding": "12.13.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
              "matchCriteriaId": "428DCD7B-6F66-4F18-B780-5BD80143D482",
              "versionEndIncluding": "14.14.0",
              "versionStartIncluding": "14.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
              "matchCriteriaId": "380D03F3-6A7E-43A2-B002-FB2521FD3C58",
              "versionEndExcluding": "14.16.1",
              "versionStartIncluding": "14.15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
              "matchCriteriaId": "3ED4D313-F372-4CC1-BE11-6BBA2F0E90E3",
              "versionEndExcluding": "15.14.0",
              "versionStartIncluding": "15.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)."
    },
    {
      "lang": "es",
      "value": "Un servidor OpenSSL TLS puede cometer un fallo si un cliente env\u00eda un mensaje ClientHello de renegociaci\u00f3n dise\u00f1ado maliciosamente.\u0026#xa0;Si una renegociaci\u00f3n de TLSv1.2 ClientHello omite la extensi\u00f3n signature_algorithms (donde estaba presente en el ClientHello inicial), pero incluye una extensi\u00f3n signature_algorithms_cert, se producir\u00e1 una desreferencia del puntero NULL, lo que conllevar\u00e1 un bloqueo y un ataque de denegaci\u00f3n de servicio.\u0026#xa0;Un servidor solo es vulnerable si tiene TLSv1.2 y la renegociaci\u00f3n habilitada (que es la configuraci\u00f3n predeterminada).\u0026#xa0;Los clientes de OpenSSL TLS no est\u00e1n afectados por este problema.\u0026#xa0;Todas las versiones de OpenSSL versi\u00f3n 1.1.1 est\u00e1n afectadas por este problema.\u0026#xa0;Los usuarios de estas versiones deben actualizar a OpenSSL versi\u00f3n 1.1.1k.\u0026#xa0;OpenSSL versi\u00f3n 1.0.2 no est\u00e1 afectado por este problema.\u0026#xa0;Corregido en OpenSSL versi\u00f3n 1.1.1k (Afectadas versiones 1.1.1-1.1.1j)"
    }
  ],
  "id": "CVE-2021-3449",
  "lastModified": "2024-11-21T06:21:33.050",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-03-25T15:15:13.450",
  "references": [
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/03/27/1"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/03/27/2"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/03/28/3"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/03/28/4"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf"
    },
    {
      "source": "openssl-security@openssl.org",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10356"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html"
    },
    {
      "source": "openssl-security@openssl.org",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202103-03"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20210326-0006/"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20210513-0002/"
    },
    {
      "source": "openssl-security@openssl.org",
      "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2021/dsa-4875"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.openssl.org/news/secadv/20210325.txt"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/tns-2021-05"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/tns-2021-06"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/tns-2021-09"
    },
    {
      "source": "openssl-security@openssl.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/tns-2021-10"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/03/27/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/03/27/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/03/28/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2021/03/28/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202103-03"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20210326-0006/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20210513-0002/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2021/dsa-4875"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.openssl.org/news/secadv/20210325.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/tns-2021-05"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/tns-2021-06"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/tns-2021-09"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.tenable.com/security/tns-2021-10"
    }
  ],
  "sourceIdentifier": "openssl-security@openssl.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2024-09-10 10:15
Modified
2024-09-18 15:31
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected devices does not properly handle the error in case of exceeding characters while setting SNMP leading to the restart of the application.
Impacted products
Vendor Product Version
siemens simatic_rf360r_firmware *
siemens simatic_rf360r -
siemens simatic_rf1170r_firmware *
siemens simatic_rf1170r -
siemens simatic_rf1140r_firmware *
siemens simatic_rf1140r -
siemens simatic_reader_rf685r_fcc_firmware *
siemens simatic_reader_rf685r_fcc -
siemens simatic_reader_rf685r_etsi_firmware *
siemens simatic_reader_rf685r_etsi -
siemens simatic_reader_rf685r_cmiit_firmware *
siemens simatic_reader_rf685r_cmiit -
siemens simatic_reader_rf685r_arib_firmware *
siemens simatic_reader_rf685r_arib -
siemens simatic_reader_rf680r_fcc_firmware *
siemens simatic_reader_rf680r_fcc -
siemens simatic_reader_rf680r_etsi_firmware *
siemens simatic_reader_rf680r_etsi -
siemens simatic_reader_rf680r_cmiit_firmware *
siemens simatic_reader_rf680r_cmiit -
siemens simatic_reader_rf680r_arib_firmware *
siemens simatic_reader_rf680r_arib -
siemens simatic_reader_rf650r_fcc_firmware *
siemens simatic_reader_rf650r_fcc -
siemens simatic_reader_rf650r_etsi_firmware *
siemens simatic_reader_rf650r_etsi -
siemens simatic_reader_rf650r_cmiit_firmware *
siemens simatic_reader_rf650r_cmiit -
siemens simatic_reader_rf650r_arib_firmware *
siemens simatic_reader_rf650r_arib -
siemens simatic_reader_rf615r_fcc_firmware *
siemens simatic_reader_rf615r_fcc -
siemens simatic_reader_rf615r_etsi_firmware *
siemens simatic_reader_rf615r_etsi -
siemens simatic_reader_rf615r_cmiit_firmware *
siemens simatic_reader_rf615r_cmiit -
siemens simatic_reader_rf610r_fcc_firmware *
siemens simatic_reader_rf610r_fcc -
siemens simatic_reader_rf610r_etsi_firmware *
siemens simatic_reader_rf610r_etsi -
siemens simatic_reader_rf610r_cmiit_firmware *
siemens simatic_reader_rf610r_cmiit -
siemens simatic_rf188ci_firmware *
siemens simatic_rf188ci -
siemens simatic_rf188c_firmware *
siemens simatic_rf188c -
siemens simatic_rf186ci_firmware *
siemens simatic_rf186ci -
siemens simatic_rf186c_firmware *
siemens simatic_rf186c -
siemens simatic_rf185c_firmware *
siemens simatic_rf185c -
siemens simatic_rf166c_firmware *
siemens simatic_rf166c -



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8930F2B-7C37-4059-85FC-0316B631C860",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC216594-D56B-454D-BD2C-50631B8C8F9C",
              "versionEndExcluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD8AD128-F6E2-45BD-9098-EC559D193194",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11F4F714-F802-4D13-A965-0A22B80DA9D0",
              "versionEndExcluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EA20BB5-024E-4389-A0FE-C218E15D31A8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F61801B9-80FD-45EC-9A20-5C703CB8BE76",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F5073F-CAE9-4071-9C86-2B29FB529A49",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "058EDB3A-31B8-482F-B825-B0A7E192356E",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D00C8A81-53EB-425F-A730-AC7505285B73",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "62FC4D21-B225-4349-A8E8-68780CC465D1",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3C8FC67-825D-4E55-8341-E449EA98B6AD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E84B475-1FB7-4BF1-880B-8DB5137BB941",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFAA7370-1B78-4AF8-8358-830460A5E81C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "970B3705-6172-4C00-B402-30A7F23C5A08",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D5F6C3-3AC5-40F2-B755-130E24169AB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D261FBC-1E4C-4016-AD0E-F234EE36F09A",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08729226-19DB-410A-A764-B84E5213839D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5B465BD-D425-44C7-931C-E6DAABB79B67",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC372090-E9D1-4CB7-8CDC-8FA439764359",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28C49CB8-179A-47B7-9B04-FC214382B643",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70C73C18-EC1D-431A-808F-1C16706B7F26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "896E8488-0AB0-4C39-9729-1E42F4C28419",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "838474F2-85A2-4315-8F0C-B1AAC9B20373",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E525612D-8273-42FD-8DAD-D589ED61C9D6",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "130361E8-6979-492F-89A3-4EFFF8F5379F",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "557BB258-1B9D-457F-9573-85439950C361",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC98A393-C374-4411-94FE-9832CD8690ED",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C951AC92-DD7E-4C24-BC38-1D041D81691C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4C96D63-0711-48F8-ADE2-261FCF306049",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F85BC978-9C30-4484-B6D7-B7A4543EFDA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA5DA457-347E-4B6B-8003-882BD4D95D64",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B07B2FDF-E6A5-4E06-9328-01F311E85AF9",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84F1472B-A584-4712-BEF7-7B4BDE166CE2",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7DB4915-E989-4085-B201-C5CCC86AB924",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B280EE0D-F3F9-46E3-949F-109844428C35",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E86AC831-9FB9-4D17-AA06-E68C176F1A23",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A27B28F-A037-4730-A0DD-96BB568F4A58",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D48EE1B0-3010-44F2-AEF9-A3E35BD03971",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The affected devices does not properly handle the error in case of exceeding characters while setting SNMP leading to the restart of the application."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC RF1140R (6GT2831-6CB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF1170R (6GT2831-6BB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF166C (6GT2002-0EE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF185C (6GT2002-0JE10) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186C (6GT2002-0JE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186CI (6GT2002-0JE50) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188C (6GT2002-0JE40) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188CI (6GT2002-0JE60) (Todas las versiones \u0026lt; V2.2), SIMATIC RF360R (6GT2801-5BA30) (Todas las versiones \u0026lt; V2.2). Los dispositivos afectados no gestionan correctamente el error en caso de exceso de caracteres al configurar SNMP, lo que provoca el reinicio de la aplicaci\u00f3n."
    }
  ],
  "id": "CVE-2024-37992",
  "lastModified": "2024-09-18T15:31:27.597",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackRequirements": "PRESENT",
          "attackVector": "NETWORK",
          "automatable": "NOT_DEFINED",
          "availabilityRequirements": "NOT_DEFINED",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirements": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirements": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
          "privilegesRequired": "HIGH",
          "providerUrgency": "NOT_DEFINED",
          "recovery": "NOT_DEFINED",
          "safety": "NOT_DEFINED",
          "subsequentSystemAvailability": "NONE",
          "subsequentSystemConfidentiality": "NONE",
          "subsequentSystemIntegrity": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "vulnerableSystemAvailability": "HIGH",
          "vulnerableSystemConfidentiality": "NONE",
          "vulnerableSystemIntegrity": "NONE"
        },
        "source": "productcert@siemens.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-09-10T10:15:10.837",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-703"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2024-09-10 10:15
Modified
2024-09-18 15:35
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected application contains a hidden configuration item to enable debug functionality. This could allow an attacker to gain insight into the internal configuration of the deployment.
Impacted products
Vendor Product Version
siemens simatic_rf360r_firmware *
siemens simatic_rf360r -
siemens simatic_rf1170r_firmware *
siemens simatic_rf1170r -
siemens simatic_rf1140r_firmware *
siemens simatic_rf1140r -
siemens simatic_reader_rf685r_fcc_firmware *
siemens simatic_reader_rf685r_fcc -
siemens simatic_reader_rf685r_etsi_firmware *
siemens simatic_reader_rf685r_etsi -
siemens simatic_reader_rf685r_cmiit_firmware *
siemens simatic_reader_rf685r_cmiit -
siemens simatic_reader_rf685r_arib_firmware *
siemens simatic_reader_rf685r_arib -
siemens simatic_reader_rf680r_fcc_firmware *
siemens simatic_reader_rf680r_fcc -
siemens simatic_reader_rf680r_etsi_firmware *
siemens simatic_reader_rf680r_etsi -
siemens simatic_reader_rf680r_cmiit_firmware *
siemens simatic_reader_rf680r_cmiit -
siemens simatic_reader_rf680r_arib_firmware *
siemens simatic_reader_rf680r_arib -
siemens simatic_reader_rf650r_fcc_firmware *
siemens simatic_reader_rf650r_fcc -
siemens simatic_reader_rf650r_etsi_firmware *
siemens simatic_reader_rf650r_etsi -
siemens simatic_reader_rf650r_cmiit_firmware *
siemens simatic_reader_rf650r_cmiit -
siemens simatic_reader_rf650r_arib_firmware *
siemens simatic_reader_rf650r_arib -
siemens simatic_reader_rf615r_fcc_firmware *
siemens simatic_reader_rf615r_fcc -
siemens simatic_reader_rf615r_etsi_firmware *
siemens simatic_reader_rf615r_etsi -
siemens simatic_reader_rf615r_cmiit_firmware *
siemens simatic_reader_rf615r_cmiit -
siemens simatic_reader_rf610r_fcc_firmware *
siemens simatic_reader_rf610r_fcc -
siemens simatic_reader_rf610r_etsi_firmware *
siemens simatic_reader_rf610r_etsi -
siemens simatic_reader_rf610r_cmiit_firmware *
siemens simatic_reader_rf610r_cmiit -
siemens simatic_rf188ci_firmware *
siemens simatic_rf188ci -
siemens simatic_rf188c_firmware *
siemens simatic_rf188c -
siemens simatic_rf186ci_firmware *
siemens simatic_rf186ci -
siemens simatic_rf186c_firmware *
siemens simatic_rf186c -
siemens simatic_rf185c_firmware *
siemens simatic_rf185c -
siemens simatic_rf166c_firmware *
siemens simatic_rf166c -



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8930F2B-7C37-4059-85FC-0316B631C860",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC216594-D56B-454D-BD2C-50631B8C8F9C",
              "versionEndExcluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD8AD128-F6E2-45BD-9098-EC559D193194",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11F4F714-F802-4D13-A965-0A22B80DA9D0",
              "versionEndExcluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EA20BB5-024E-4389-A0FE-C218E15D31A8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F61801B9-80FD-45EC-9A20-5C703CB8BE76",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F5073F-CAE9-4071-9C86-2B29FB529A49",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "058EDB3A-31B8-482F-B825-B0A7E192356E",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D00C8A81-53EB-425F-A730-AC7505285B73",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "62FC4D21-B225-4349-A8E8-68780CC465D1",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3C8FC67-825D-4E55-8341-E449EA98B6AD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E84B475-1FB7-4BF1-880B-8DB5137BB941",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFAA7370-1B78-4AF8-8358-830460A5E81C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "970B3705-6172-4C00-B402-30A7F23C5A08",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D5F6C3-3AC5-40F2-B755-130E24169AB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D261FBC-1E4C-4016-AD0E-F234EE36F09A",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08729226-19DB-410A-A764-B84E5213839D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5B465BD-D425-44C7-931C-E6DAABB79B67",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC372090-E9D1-4CB7-8CDC-8FA439764359",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28C49CB8-179A-47B7-9B04-FC214382B643",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70C73C18-EC1D-431A-808F-1C16706B7F26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "896E8488-0AB0-4C39-9729-1E42F4C28419",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "838474F2-85A2-4315-8F0C-B1AAC9B20373",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E525612D-8273-42FD-8DAD-D589ED61C9D6",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "130361E8-6979-492F-89A3-4EFFF8F5379F",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "557BB258-1B9D-457F-9573-85439950C361",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC98A393-C374-4411-94FE-9832CD8690ED",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C951AC92-DD7E-4C24-BC38-1D041D81691C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4C96D63-0711-48F8-ADE2-261FCF306049",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F85BC978-9C30-4484-B6D7-B7A4543EFDA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA5DA457-347E-4B6B-8003-882BD4D95D64",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B07B2FDF-E6A5-4E06-9328-01F311E85AF9",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84F1472B-A584-4712-BEF7-7B4BDE166CE2",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7DB4915-E989-4085-B201-C5CCC86AB924",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B280EE0D-F3F9-46E3-949F-109844428C35",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E86AC831-9FB9-4D17-AA06-E68C176F1A23",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A27B28F-A037-4730-A0DD-96BB568F4A58",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D48EE1B0-3010-44F2-AEF9-A3E35BD03971",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The affected application contains a hidden configuration item to enable debug functionality. This could allow an attacker to gain insight into the internal configuration of the deployment."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC RF1140R (6GT2831-6CB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF1170R (6GT2831-6BB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF166C (6GT2002-0EE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF185C (6GT2002-0JE10) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186C (6GT2002-0JE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186CI (6GT2002-0JE50) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188C (6GT2002-0JE40) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188CI (6GT2002-0JE60) (Todas las versiones \u0026lt; V2.2), SIMATIC RF360R (6GT2801-5BA30) (Todas las versiones \u0026lt; V2.2). La aplicaci\u00f3n afectada contiene un elemento de configuraci\u00f3n oculto para habilitar la funcionalidad de depuraci\u00f3n. Esto podr\u00eda permitir que un atacante obtenga informaci\u00f3n sobre la configuraci\u00f3n interna de la implementaci\u00f3n."
    }
  ],
  "id": "CVE-2024-37994",
  "lastModified": "2024-09-18T15:35:17.403",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "automatable": "NOT_DEFINED",
          "availabilityRequirements": "NOT_DEFINED",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirements": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirements": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "NOT_DEFINED",
          "recovery": "NOT_DEFINED",
          "safety": "NOT_DEFINED",
          "subsequentSystemAvailability": "NONE",
          "subsequentSystemConfidentiality": "NONE",
          "subsequentSystemIntegrity": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "vulnerableSystemAvailability": "NONE",
          "vulnerableSystemConfidentiality": "NONE",
          "vulnerableSystemIntegrity": "LOW"
        },
        "source": "productcert@siemens.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-09-10T10:15:11.340",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-912"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2024-09-10 10:15
Modified
2024-09-18 15:29
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The service log files of the affected application can be accessed without proper authentication. This could allow an unauthenticated attacker to get access to sensitive information.
Impacted products
Vendor Product Version
siemens simatic_rf360r_firmware *
siemens simatic_rf360r -
siemens simatic_rf1170r_firmware *
siemens simatic_rf1170r -
siemens simatic_rf1140r_firmware *
siemens simatic_rf1140r -
siemens simatic_reader_rf685r_fcc_firmware *
siemens simatic_reader_rf685r_fcc -
siemens simatic_reader_rf685r_etsi_firmware *
siemens simatic_reader_rf685r_etsi -
siemens simatic_reader_rf685r_cmiit_firmware *
siemens simatic_reader_rf685r_cmiit -
siemens simatic_reader_rf685r_arib_firmware *
siemens simatic_reader_rf685r_arib -
siemens simatic_reader_rf680r_fcc_firmware *
siemens simatic_reader_rf680r_fcc -
siemens simatic_reader_rf680r_etsi_firmware *
siemens simatic_reader_rf680r_etsi -
siemens simatic_reader_rf680r_cmiit_firmware *
siemens simatic_reader_rf680r_cmiit -
siemens simatic_reader_rf680r_arib_firmware *
siemens simatic_reader_rf680r_arib -
siemens simatic_reader_rf650r_fcc_firmware *
siemens simatic_reader_rf650r_fcc -
siemens simatic_reader_rf650r_etsi_firmware *
siemens simatic_reader_rf650r_etsi -
siemens simatic_reader_rf650r_cmiit_firmware *
siemens simatic_reader_rf650r_cmiit -
siemens simatic_reader_rf650r_arib_firmware *
siemens simatic_reader_rf650r_arib -
siemens simatic_reader_rf615r_fcc_firmware *
siemens simatic_reader_rf615r_fcc -
siemens simatic_reader_rf615r_etsi_firmware *
siemens simatic_reader_rf615r_etsi -
siemens simatic_reader_rf615r_cmiit_firmware *
siemens simatic_reader_rf615r_cmiit -
siemens simatic_reader_rf610r_fcc_firmware *
siemens simatic_reader_rf610r_fcc -
siemens simatic_reader_rf610r_etsi_firmware *
siemens simatic_reader_rf610r_etsi -
siemens simatic_reader_rf610r_cmiit_firmware *
siemens simatic_reader_rf610r_cmiit -
siemens simatic_rf188ci_firmware *
siemens simatic_rf188ci -
siemens simatic_rf188c_firmware *
siemens simatic_rf188c -
siemens simatic_rf186ci_firmware *
siemens simatic_rf186ci -
siemens simatic_rf186c_firmware *
siemens simatic_rf186c -
siemens simatic_rf185c_firmware *
siemens simatic_rf185c -
siemens simatic_rf166c_firmware *
siemens simatic_rf166c -



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8930F2B-7C37-4059-85FC-0316B631C860",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC216594-D56B-454D-BD2C-50631B8C8F9C",
              "versionEndExcluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD8AD128-F6E2-45BD-9098-EC559D193194",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11F4F714-F802-4D13-A965-0A22B80DA9D0",
              "versionEndExcluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EA20BB5-024E-4389-A0FE-C218E15D31A8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F61801B9-80FD-45EC-9A20-5C703CB8BE76",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F5073F-CAE9-4071-9C86-2B29FB529A49",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "058EDB3A-31B8-482F-B825-B0A7E192356E",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D00C8A81-53EB-425F-A730-AC7505285B73",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "62FC4D21-B225-4349-A8E8-68780CC465D1",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3C8FC67-825D-4E55-8341-E449EA98B6AD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E84B475-1FB7-4BF1-880B-8DB5137BB941",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFAA7370-1B78-4AF8-8358-830460A5E81C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "970B3705-6172-4C00-B402-30A7F23C5A08",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D5F6C3-3AC5-40F2-B755-130E24169AB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D261FBC-1E4C-4016-AD0E-F234EE36F09A",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08729226-19DB-410A-A764-B84E5213839D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5B465BD-D425-44C7-931C-E6DAABB79B67",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC372090-E9D1-4CB7-8CDC-8FA439764359",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28C49CB8-179A-47B7-9B04-FC214382B643",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70C73C18-EC1D-431A-808F-1C16706B7F26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "896E8488-0AB0-4C39-9729-1E42F4C28419",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "838474F2-85A2-4315-8F0C-B1AAC9B20373",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E525612D-8273-42FD-8DAD-D589ED61C9D6",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "130361E8-6979-492F-89A3-4EFFF8F5379F",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "557BB258-1B9D-457F-9573-85439950C361",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC98A393-C374-4411-94FE-9832CD8690ED",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C951AC92-DD7E-4C24-BC38-1D041D81691C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4C96D63-0711-48F8-ADE2-261FCF306049",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F85BC978-9C30-4484-B6D7-B7A4543EFDA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA5DA457-347E-4B6B-8003-882BD4D95D64",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B07B2FDF-E6A5-4E06-9328-01F311E85AF9",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84F1472B-A584-4712-BEF7-7B4BDE166CE2",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7DB4915-E989-4085-B201-C5CCC86AB924",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B280EE0D-F3F9-46E3-949F-109844428C35",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E86AC831-9FB9-4D17-AA06-E68C176F1A23",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A27B28F-A037-4730-A0DD-96BB568F4A58",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D48EE1B0-3010-44F2-AEF9-A3E35BD03971",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The service log files of the affected application can be accessed without proper authentication. This could allow an unauthenticated attacker to get access to sensitive information."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC RF1140R (6GT2831-6CB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF1170R (6GT2831-6BB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF166C (6GT2002-0EE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF185C (6GT2002-0JE10) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186C (6GT2002-0JE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186CI (6GT2002-0JE50) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188C (6GT2002-0JE40) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188CI (6GT2002-0JE60) (Todas las versiones \u0026lt; V2.2), SIMATIC RF360R (6GT2801-5BA30) (Todas las versiones \u0026lt; V2.2). Se puede acceder a los archivos de registro de servicio de la aplicaci\u00f3n afectada sin la autenticaci\u00f3n adecuada. Esto podr\u00eda permitir que un atacante no autenticado obtenga acceso a informaci\u00f3n confidencial."
    }
  ],
  "id": "CVE-2024-37991",
  "lastModified": "2024-09-18T15:29:44.390",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 3.6,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "automatable": "NOT_DEFINED",
          "availabilityRequirements": "NOT_DEFINED",
          "baseScore": 6.0,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirements": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirements": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "recovery": "NOT_DEFINED",
          "safety": "NOT_DEFINED",
          "subsequentSystemAvailability": "NONE",
          "subsequentSystemConfidentiality": "NONE",
          "subsequentSystemIntegrity": "NONE",
          "userInteraction": "PASSIVE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "vulnerableSystemAvailability": "NONE",
          "vulnerableSystemConfidentiality": "HIGH",
          "vulnerableSystemIntegrity": "NONE"
        },
        "source": "productcert@siemens.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-09-10T10:15:10.600",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-306"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2024-09-10 10:15
Modified
2024-09-18 15:37
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected application improperly handles error while a faulty certificate upload leading to crashing of application. This vulnerability could allow an attacker to disclose sensitive information.
Impacted products
Vendor Product Version
siemens simatic_rf360r_firmware *
siemens simatic_rf360r -
siemens simatic_rf1170r_firmware *
siemens simatic_rf1170r -
siemens simatic_rf1140r_firmware *
siemens simatic_rf1140r -
siemens simatic_reader_rf685r_fcc_firmware *
siemens simatic_reader_rf685r_fcc -
siemens simatic_reader_rf685r_etsi_firmware *
siemens simatic_reader_rf685r_etsi -
siemens simatic_reader_rf685r_cmiit_firmware *
siemens simatic_reader_rf685r_cmiit -
siemens simatic_reader_rf685r_arib_firmware *
siemens simatic_reader_rf685r_arib -
siemens simatic_reader_rf680r_fcc_firmware *
siemens simatic_reader_rf680r_fcc -
siemens simatic_reader_rf680r_etsi_firmware *
siemens simatic_reader_rf680r_etsi -
siemens simatic_reader_rf680r_cmiit_firmware *
siemens simatic_reader_rf680r_cmiit -
siemens simatic_reader_rf680r_arib_firmware *
siemens simatic_reader_rf680r_arib -
siemens simatic_reader_rf650r_fcc_firmware *
siemens simatic_reader_rf650r_fcc -
siemens simatic_reader_rf650r_etsi_firmware *
siemens simatic_reader_rf650r_etsi -
siemens simatic_reader_rf650r_cmiit_firmware *
siemens simatic_reader_rf650r_cmiit -
siemens simatic_reader_rf650r_arib_firmware *
siemens simatic_reader_rf650r_arib -
siemens simatic_reader_rf615r_fcc_firmware *
siemens simatic_reader_rf615r_fcc -
siemens simatic_reader_rf615r_etsi_firmware *
siemens simatic_reader_rf615r_etsi -
siemens simatic_reader_rf615r_cmiit_firmware *
siemens simatic_reader_rf615r_cmiit -
siemens simatic_reader_rf610r_fcc_firmware *
siemens simatic_reader_rf610r_fcc -
siemens simatic_reader_rf610r_etsi_firmware *
siemens simatic_reader_rf610r_etsi -
siemens simatic_reader_rf610r_cmiit_firmware *
siemens simatic_reader_rf610r_cmiit -
siemens simatic_rf188ci_firmware *
siemens simatic_rf188ci -
siemens simatic_rf188c_firmware *
siemens simatic_rf188c -
siemens simatic_rf186ci_firmware *
siemens simatic_rf186ci -
siemens simatic_rf186c_firmware *
siemens simatic_rf186c -
siemens simatic_rf185c_firmware *
siemens simatic_rf185c -
siemens simatic_rf166c_firmware *
siemens simatic_rf166c -



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8930F2B-7C37-4059-85FC-0316B631C860",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC216594-D56B-454D-BD2C-50631B8C8F9C",
              "versionEndExcluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD8AD128-F6E2-45BD-9098-EC559D193194",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11F4F714-F802-4D13-A965-0A22B80DA9D0",
              "versionEndExcluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EA20BB5-024E-4389-A0FE-C218E15D31A8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F61801B9-80FD-45EC-9A20-5C703CB8BE76",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F5073F-CAE9-4071-9C86-2B29FB529A49",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "058EDB3A-31B8-482F-B825-B0A7E192356E",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D00C8A81-53EB-425F-A730-AC7505285B73",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "62FC4D21-B225-4349-A8E8-68780CC465D1",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3C8FC67-825D-4E55-8341-E449EA98B6AD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E84B475-1FB7-4BF1-880B-8DB5137BB941",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFAA7370-1B78-4AF8-8358-830460A5E81C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "970B3705-6172-4C00-B402-30A7F23C5A08",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D5F6C3-3AC5-40F2-B755-130E24169AB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D261FBC-1E4C-4016-AD0E-F234EE36F09A",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08729226-19DB-410A-A764-B84E5213839D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5B465BD-D425-44C7-931C-E6DAABB79B67",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC372090-E9D1-4CB7-8CDC-8FA439764359",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28C49CB8-179A-47B7-9B04-FC214382B643",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70C73C18-EC1D-431A-808F-1C16706B7F26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "896E8488-0AB0-4C39-9729-1E42F4C28419",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "838474F2-85A2-4315-8F0C-B1AAC9B20373",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E525612D-8273-42FD-8DAD-D589ED61C9D6",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "130361E8-6979-492F-89A3-4EFFF8F5379F",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "557BB258-1B9D-457F-9573-85439950C361",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC98A393-C374-4411-94FE-9832CD8690ED",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C951AC92-DD7E-4C24-BC38-1D041D81691C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4C96D63-0711-48F8-ADE2-261FCF306049",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F85BC978-9C30-4484-B6D7-B7A4543EFDA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA5DA457-347E-4B6B-8003-882BD4D95D64",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B07B2FDF-E6A5-4E06-9328-01F311E85AF9",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84F1472B-A584-4712-BEF7-7B4BDE166CE2",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7DB4915-E989-4085-B201-C5CCC86AB924",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B280EE0D-F3F9-46E3-949F-109844428C35",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E86AC831-9FB9-4D17-AA06-E68C176F1A23",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A27B28F-A037-4730-A0DD-96BB568F4A58",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D48EE1B0-3010-44F2-AEF9-A3E35BD03971",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The affected application improperly handles error while a faulty certificate upload leading to crashing of application. This vulnerability could allow an attacker to disclose sensitive information."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC RF1140R (6GT2831-6CB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF1170R (6GT2831-6BB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF166C (6GT2002-0EE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF185C (6GT2002-0JE10) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186C (6GT2002-0JE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186CI (6GT2002-0JE50) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188C (6GT2002-0JE40) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188CI (6GT2002-0JE60) (Todas las versiones \u0026lt; V2.2), SIMATIC RF360R (6GT2801-5BA30) (Todas las versiones \u0026lt; V2.2). La aplicaci\u00f3n afectada maneja incorrectamente el error durante la carga de un certificado defectuoso, lo que provoca el bloqueo de la aplicaci\u00f3n. Esta vulnerabilidad podr\u00eda permitir a un atacante revelar informaci\u00f3n confidencial."
    }
  ],
  "id": "CVE-2024-37995",
  "lastModified": "2024-09-18T15:37:15.130",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 2.7,
          "baseSeverity": "LOW",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 1.4,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackRequirements": "PRESENT",
          "attackVector": "NETWORK",
          "automatable": "NOT_DEFINED",
          "availabilityRequirements": "NOT_DEFINED",
          "baseScore": 2.1,
          "baseSeverity": "LOW",
          "confidentialityRequirements": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirements": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
          "privilegesRequired": "HIGH",
          "providerUrgency": "NOT_DEFINED",
          "recovery": "NOT_DEFINED",
          "safety": "NOT_DEFINED",
          "subsequentSystemAvailability": "NONE",
          "subsequentSystemConfidentiality": "NONE",
          "subsequentSystemIntegrity": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "vulnerableSystemAvailability": "LOW",
          "vulnerableSystemConfidentiality": "NONE",
          "vulnerableSystemIntegrity": "NONE"
        },
        "source": "productcert@siemens.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-09-10T10:15:11.570",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-703"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2024-09-10 10:15
Modified
2024-09-18 15:27
Summary
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications contain configuration files which can be modified. An attacker with privilege access can modify these files and enable features that are not released for this device.
Impacted products
Vendor Product Version
siemens simatic_rf360r_firmware *
siemens simatic_rf360r -
siemens simatic_rf1170r_firmware *
siemens simatic_rf1170r -
siemens simatic_rf1140r_firmware *
siemens simatic_rf1140r -
siemens simatic_reader_rf685r_fcc_firmware *
siemens simatic_reader_rf685r_fcc -
siemens simatic_reader_rf685r_etsi_firmware *
siemens simatic_reader_rf685r_etsi -
siemens simatic_reader_rf685r_cmiit_firmware *
siemens simatic_reader_rf685r_cmiit -
siemens simatic_reader_rf685r_arib_firmware *
siemens simatic_reader_rf685r_arib -
siemens simatic_reader_rf680r_fcc_firmware *
siemens simatic_reader_rf680r_fcc -
siemens simatic_reader_rf680r_etsi_firmware *
siemens simatic_reader_rf680r_etsi -
siemens simatic_reader_rf680r_cmiit_firmware *
siemens simatic_reader_rf680r_cmiit -
siemens simatic_reader_rf680r_arib_firmware *
siemens simatic_reader_rf680r_arib -
siemens simatic_reader_rf650r_fcc_firmware *
siemens simatic_reader_rf650r_fcc -
siemens simatic_reader_rf650r_etsi_firmware *
siemens simatic_reader_rf650r_etsi -
siemens simatic_reader_rf650r_cmiit_firmware *
siemens simatic_reader_rf650r_cmiit -
siemens simatic_reader_rf650r_arib_firmware *
siemens simatic_reader_rf650r_arib -
siemens simatic_reader_rf615r_fcc_firmware *
siemens simatic_reader_rf615r_fcc -
siemens simatic_reader_rf615r_etsi_firmware *
siemens simatic_reader_rf615r_etsi -
siemens simatic_reader_rf615r_cmiit_firmware *
siemens simatic_reader_rf615r_cmiit -
siemens simatic_reader_rf610r_fcc_firmware *
siemens simatic_reader_rf610r_fcc -
siemens simatic_reader_rf610r_etsi_firmware *
siemens simatic_reader_rf610r_etsi -
siemens simatic_reader_rf610r_cmiit_firmware *
siemens simatic_reader_rf610r_cmiit -
siemens simatic_rf188ci_firmware *
siemens simatic_rf188ci -
siemens simatic_rf188c_firmware *
siemens simatic_rf188c -
siemens simatic_rf186ci_firmware *
siemens simatic_rf186ci -
siemens simatic_rf186c_firmware *
siemens simatic_rf186c -
siemens simatic_rf185c_firmware *
siemens simatic_rf185c -
siemens simatic_rf166c_firmware *
siemens simatic_rf166c -



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8930F2B-7C37-4059-85FC-0316B631C860",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63F05227-208B-42C8-8D56-A5D106CAD32F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf1170r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC216594-D56B-454D-BD2C-50631B8C8F9C",
              "versionEndExcluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf1170r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD8AD128-F6E2-45BD-9098-EC559D193194",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf1140r_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "11F4F714-F802-4D13-A965-0A22B80DA9D0",
              "versionEndExcluding": "1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf1140r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EA20BB5-024E-4389-A0FE-C218E15D31A8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F61801B9-80FD-45EC-9A20-5C703CB8BE76",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F5073F-CAE9-4071-9C86-2B29FB529A49",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "058EDB3A-31B8-482F-B825-B0A7E192356E",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D00C8A81-53EB-425F-A730-AC7505285B73",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "62FC4D21-B225-4349-A8E8-68780CC465D1",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3C8FC67-825D-4E55-8341-E449EA98B6AD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf685r_arib_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E84B475-1FB7-4BF1-880B-8DB5137BB941",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf685r_arib:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFAA7370-1B78-4AF8-8358-830460A5E81C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "970B3705-6172-4C00-B402-30A7F23C5A08",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D5F6C3-3AC5-40F2-B755-130E24169AB3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D261FBC-1E4C-4016-AD0E-F234EE36F09A",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08729226-19DB-410A-A764-B84E5213839D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5B465BD-D425-44C7-931C-E6DAABB79B67",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA13A689-EBB3-47D3-83AB-4EAFCB0CCF14",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf680r_arib_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1B9A6C1-E7AD-46DE-A0EC-E6E03B957A13",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf680r_arib:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC372090-E9D1-4CB7-8CDC-8FA439764359",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BBDF6C6-A67A-412F-8ACF-27E3AA0EE8E9",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD9ED6C-B948-4F73-ADC9-2EA7AFB646C9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28C49CB8-179A-47B7-9B04-FC214382B643",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70C73C18-EC1D-431A-808F-1C16706B7F26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "896E8488-0AB0-4C39-9729-1E42F4C28419",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "838474F2-85A2-4315-8F0C-B1AAC9B20373",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf650r_arib_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E525612D-8273-42FD-8DAD-D589ED61C9D6",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf650r_arib:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5735D69B-EBA4-4ADD-9D02-AFFBDB14B085",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "130361E8-6979-492F-89A3-4EFFF8F5379F",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "557BB258-1B9D-457F-9573-85439950C361",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC98A393-C374-4411-94FE-9832CD8690ED",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C951AC92-DD7E-4C24-BC38-1D041D81691C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf615r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AA399AA-B0C4-48D5-B5F5-EE7A65D10A95",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf615r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4C96D63-0711-48F8-ADE2-261FCF306049",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_fcc_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C902FA6A-3E5D-471C-8513-27FE8BB5B2DC",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_fcc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F85BC978-9C30-4484-B6D7-B7A4543EFDA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_etsi_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA5DA457-347E-4B6B-8003-882BD4D95D64",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_etsi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0BFFE2B-5843-4A03-A6A7-1098A4FB9A0C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_reader_rf610r_cmiit_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B07B2FDF-E6A5-4E06-9328-01F311E85AF9",
              "versionEndExcluding": "4.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_reader_rf610r_cmiit:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3CE2417-B29E-4CBD-9A30-3DB5C30771D5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84F1472B-A584-4712-BEF7-7B4BDE166CE2",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7DB4915-E989-4085-B201-C5CCC86AB924",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21F9909-8D80-40BE-81E0-6ED7FE140A3A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B280EE0D-F3F9-46E3-949F-109844428C35",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E86AC831-9FB9-4D17-AA06-E68C176F1A23",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B0933EB-82BE-42BB-978B-C9EC2FE1C795",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A27B28F-A037-4730-A0DD-96BB568F4A58",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82494B5E-80EE-47ED-B87E-CF8C8907B6FE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D48EE1B0-3010-44F2-AEF9-A3E35BD03971",
              "versionEndExcluding": "2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "391AD485-A49D-43D0-AAE5-1F58B38D4E22",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions \u003c V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions \u003c V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions \u003c V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions \u003c V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions \u003c V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions \u003c V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions \u003c V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions \u003c V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions \u003c V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions \u003c V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions \u003c V2.2). The affected applications contain configuration files which can be modified. An attacker with privilege access can modify these files and enable features that are not released for this device."
    },
    {
      "lang": "es",
      "value": "Se ha identificado una vulnerabilidad en SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (Todas las versiones \u0026lt; V4.2), SIMATIC RF1140R (6GT2831-6CB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF1170R (6GT2831-6BB00) (Todas las versiones \u0026lt; V1.1), SIMATIC RF166C (6GT2002-0EE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF185C (6GT2002-0JE10) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186C (6GT2002-0JE20) (Todas las versiones \u0026lt; V2.2), SIMATIC RF186CI (6GT2002-0JE50) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188C (6GT2002-0JE40) (Todas las versiones \u0026lt; V2.2), SIMATIC RF188CI (6GT2002-0JE60) (Todas las versiones \u0026lt; V2.2), SIMATIC RF360R (6GT2801-5BA30) (Todas las versiones \u0026lt; V2.2). Las aplicaciones afectadas contienen archivos de configuraci\u00f3n que se pueden modificar. Un atacante con acceso privilegiado puede modificar estos archivos y habilitar funciones que no est\u00e1n disponibles para este dispositivo."
    }
  ],
  "id": "CVE-2024-37990",
  "lastModified": "2024-09-18T15:27:53.563",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.2,
        "source": "productcert@siemens.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "automatable": "NOT_DEFINED",
          "availabilityRequirements": "NOT_DEFINED",
          "baseScore": 7.0,
          "baseSeverity": "HIGH",
          "confidentialityRequirements": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirements": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
          "privilegesRequired": "HIGH",
          "providerUrgency": "NOT_DEFINED",
          "recovery": "NOT_DEFINED",
          "safety": "NOT_DEFINED",
          "subsequentSystemAvailability": "NONE",
          "subsequentSystemConfidentiality": "NONE",
          "subsequentSystemIntegrity": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "vulnerableSystemAvailability": "HIGH",
          "vulnerableSystemConfidentiality": "NONE",
          "vulnerableSystemIntegrity": "HIGH"
        },
        "source": "productcert@siemens.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-09-10T10:15:10.227",
  "references": [
    {
      "source": "productcert@siemens.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-765405.html"
    }
  ],
  "sourceIdentifier": "productcert@siemens.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-912"
        }
      ],
      "source": "productcert@siemens.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}